ukr-mova.in.ua Open in urlscan Pro
2a00:7a60:0:1054::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr-mova.in.ua/
Effective URL:
https://ukr-mova.in.ua/
Submission: On November 26 via api (November 26th 2022, 12:47:21 am UTC) from GB — Scanned from GB

Summary HTTP 183 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 22 domains to perform 183 HTTP transactions. The main IP is 2a00:7a60:0:1054::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is ukr-mova.in.ua.
TLS certificate: Issued by R3 on November 9th 2022. Valid for: 3 months.

This is the only time ukr-mova.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2a00:7a60:0:1... 2a00:7a60:0:1054::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
26	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 2	63.34.236.18 63.34.236.18	16509 (AMAZON-02) (AMAZON-02)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:e800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
183	36

18 2a00:7a60:0:1054::1 (Ukraine) 1 redirects

ASN200000 (UKRAINE-AS, UA)

ukr-mova.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

sandbox-api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.236.18 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-236-18.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	441 KB
26	piano.io sandbox-api-esp.piano.io — Cisco Umbrella Rank: 504707	54 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 601 pix.eu.criteo.net — Cisco Umbrella Rank: 6719 csm.eu.criteo.net — Cisco Umbrella Rank: 6774	94 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 ad.doubleclick.net — Cisco Umbrella Rank: 168 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	132 KB
18	ukr-mova.in.ua 1 redirects ukr-mova.in.ua	665 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 274	367 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 739 static.adsafeprotected.com — Cisco Umbrella Rank: 560 dt.adsafeprotected.com — Cisco Umbrella Rank: 511	95 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	270 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12553 ads.eu.criteo.com — Cisco Umbrella Rank: 6648 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8266 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10403	105 KB
6	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 122 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	73 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540	4 KB
3	gstatic.com www.gstatic.com	15 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	10 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4672	914 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2118	363 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	89 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	699 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 67	75 KB
183	22

	Domain	Requested by
26	sandbox-api-esp.piano.io	ukr-mova.in.ua sandbox-api-esp.piano.io
21	pagead2.googlesyndication.com	ukr-mova.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com s0.2mdn.net
19	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com s0.2mdn.net
18	ukr-mova.in.ua	1 redirects ukr-mova.in.ua
16	static.criteo.net	ads.eu.criteo.com
14	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ukr-mova.in.ua
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net fw.adsafeprotected.com s0.2mdn.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	sandbox-api-esp.piano.io googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	apis.google.com	ukr-mova.in.ua apis.google.com
2	connect.facebook.net	ukr-mova.in.ua connect.facebook.net
1	ad.doubleclick.net	www.googletagservices.com
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	ukr-mova.in.ua
1	code.jquery.com	sandbox-api-esp.piano.io
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	www.googletagmanager.com	ukr-mova.in.ua
183	35

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
www.ukr-mova.in.ua R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://ukr-mova.in.ua/
Frame ID: B54076651456B97435DC17E80684803F
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: F115D3CA3C57E0E8F38FC08DF8FBD449
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&adk=1812271804&adf=3025194257&lmt=1669423635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fukr-mova.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634712&bpp=3&bdt=520&idt=287&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4820022543065&frm=20&pv=2&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: EC38C5D37B91FAEA84AD5C8D9A266AE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634715&bpp=1&bdt=523&idt=307&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=12s8zvSWcY&p=https%3A//ukr-mova.in.ua&dtd=312
Frame ID: 617518D3D71903BF93C8DD82886324F9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Frame ID: 2D7D134620ECF21D9ACAC08D36D4AE9F
Requests: 1 HTTP requests in this frame

Frame: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
Frame ID: 6A45DFF55C3DB053AF0992C1A905A31E
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4FiEwACOWgIu-WwAAUh4rxDdW_z9K9gSEXZpQ&u=%7CGvkPb%2Bu%2FDAvo9JA1ekYK9lnHmbaTk9OSIXk3wRLU9Bo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RxwjSy8CuKuElHYFyvn63aqEV4Y3x61CFrpdbZU6iukb9QsKDh3l8gfCTSM5QhEorVkt8Mmqhg_y-LPziOFL9k7LyiVFCLkY192wvnLpZMouh4cDqghIWfanDisivgcUVEk7XnUDE9r-MG0OkpnEXj3vQ_EckAR2TzYBKKY7sfNzVSCKKfXoJkByfEi7ZsPJv-EYP15Zajw8M9FPJ67eazQRX4h_HldYCAV8fJtng6X98hhQPj9oycGAXf39qohRmaZv1jOwR0BiVkn9hNXX-9Md9E4lXRaCKDOXTmr6ccchbSKT4PvjC4fySx27zS1d6_xzm-iPP0LERpUVqSVNeRriMpjLRrxLW4RJpnzeHpqiIcfKM9EJN1vD0mmZUF2GsoVWmD0dOnHSuETePoX-_83185mVcQXH_Ia0XhHbupn9eHdWWpFGq5sSFtpPr1ECDyNlHQVuXOrYChezI7yGbVw2tgEs5db0gDDbQ6uY__jeEzihIUEVQiBergvc7d98dHlpy62XAKKmAOFLvzeNX0CZ6QEiusrwI1j4P_dWnnQraWlau61zA8olD7f5-cuvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_VM3E2KBY-jyCLDL7_UP4sOUgAnkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEuQFP0BMdSe85VUA2VMKYlIB7x_cpNOsTYVAmdrkCF5z_tLmqcrhtB4-rkZJKoWjLbLlvn2Gbs089lce5eSU1anLUDqefk_7Pqy8zM38X4Sw5bxqq2QD6uNhlwwSUOAaDnmcgJRZzpbu1ocmjYPbBgbY8zJ7nURWWvJ3CowzxrKkEcD_xfetPoM9UfX74yleio5wLxbzsUj9cEge4J6YI6ocvx6f7BOfAzRH_jRsmGRCNOVpT0a7ccLV1HIAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1uuhmlgNE-4RwR4yC-qoslPe91KQ%26client%3Dca-pub-6503488954991490%26adurl%3D
Frame ID: 09524879F62E2DA197FE9338AB5CA079
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImIHhC38pyQAhiqttbXATAB&v=APEucNUJZ4bcR_zo0kcwF6o6cp9wrp2VAaZsc2MlWnKAarK_xQz6Qb9wFpK0tA_P7Clh6Dw06B23EdKJpEkm69iBHjGajEaar0rVRSNPV9m3HyVdxBabWz-6omIvQHPTiI4Rbs-0tMlbKM80FqN70GQ5RquLl-SGXj2uAs0U3eFaOlU5zIvyytQ
Frame ID: 6A9E818875053989F64B82D17C8EAD49
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3wBU8-uoU5BoyYVgKNxdh-H6og3i-iRU_M_xiSwbIRlbGMmr1-n0xMlm81TKhhZp8JOQo8nTGWTbOJ_53cF58SBmdORqL5vre87Jf_QYweI1Q5lKEBLbrPD4FNQzv-eogyd8foqK35xz9kwJBRIgZ_Z0zYTFVbijQmYrQwQEe8BOjKM4&cry=1&dbm_d=AKAmf-BFWGXJN8fHjTdCoXp78I03FdSJ7YexADO8r8W-0VNgMqOWi2z7_nzn-dao-op5XLPk-ZyrVgVuh-zArRC_-Rrwmbj1U_CsXQoioERQ6ZPR-ihcW6nTnmfkDIrKT1l_63twMJT8UIUmqCtttRRKETnD0F9Snh3z-3fnoR0TVETzlyqpblFlGsXPd9ZuqR9vevgidU2e9BjzTiFtda38CN4R1ZwpTul7bWNo1ykXfeynutrkRD1vLhSBoHdVgXZqnZSWmyHG6I4GFJ8O59WkMj3-lvWZPgiSzUOz95WeSsg6OJ4JXdrrLI8inBSlATtbg95_BhmcseKAlplhW8Zm2mUhQeRp-0wMRQa1jDcoAiDbKFlRvycOJVhbpHObGGvbNljA7H4_dHtBReHWxehtMX2vPBF0UyaALdk3KRJMbrZhPKE9aYii1_qyeKPV1zxWpXjsZXs0qjXbMEu4o-AEwtVQJ-8IlB_m_4D6ccRgtXhi1qvEe8-LQS9QLHhq-VrJ4GohLKnStJ2yzM6pd9uJe4c6wbm1JzuD0Hq5KO392fkKSjc4YNBgH5qhb-47Wjyjn2EC-E9JQtv2QK5viuQSpo9EYh8Yo2YxEgsxBRLDI17kl6t8_4m1lZBPmmmVhChrzXyvgTvAhWBjF9oSfMEcUJYHyxtHDtMG4f3DibvFDsSVd9DzJu1d2d2857BXXWLSxTqafwb96IGHJXvkmfs3kcpQKLmeeyl1cQF2lDnDvdn-xHdkvB08jU4a9gK1xhFijSVl6BoKRmie3CEx_Dh9rvAJUBGKjtzIg4byKXYgsCITfDne88yEG57eniBFDOtQJpY47TCewLnNXaLjdc7_54ODggcvKAOl1WTKAmz6toNag2FUGoP6NkaEGsU6P5Ix5_5E208F710CXS-YudD5jglhtoqhZEx6VKr0tuSj6AY1zO96jH_BjwXCnghA8MVO-z8G9UVx-C0MIaLrU8g9DJ-RzOUvhrWyMzb27wUXm_f9VbVQmZlhBEwrvSKzMyC2FmjuUIw-kCKbPJX0fKC-uvAs3tH5yJzIGxgKWEkc0nG0AwEby9JRnbttKO3L4Zx5ZOVML9C8W9THdj9b_17jQsmLlzE4Rx55ngIs_kQP10c8fLBFsdbRS3Wes9h4oUZtuGwg6slpjhg8PuYEiuOUdm9zh-5EbFrTJSDDVVJuI6a2mvryLl5Yrlpxn4g4jafDQ1AW2pYBUrhM-sD5zBxr5gpUcMSwY4JinwY8Ftm-2_wcYrT4lFk6_pJ2rEftIxpS2gNnE7JNh6BAklAEb12QH12_Go_iIt9OMvUeUdzW-OJBQ1hwxq3r5T5Pp9cPOGR20hV-mZcC6etzE2Bd9wIE4yNgSbwxGANKVXMvcYDFlfXRQ_4aIUl8NclgNdytvD06j7pu7Jq-APjvgzWdyQZ-yWF7Kyi1fVPgRpHYwavNyx77GFBFxuMG1unY1Y1bKH0haOlyo9kxytlb2gK5XROxpRy8HTHoX8najO8kpZcRVllrhh-LerLc0b3J2-O0cAZTf2fUghLFgJQ7NnoSHWStK_yT08rsB_ejuIlKPZbo9Ry8Qd6JliLJHIgEpNATm0X85SYNUlXNHK5HCCBmUqGt7hVlrQiXK10mKp0VOoXPzG6w_OGk7bIaKY0wkVtEFan67ca4H9LeIniXtx_HU-gLDB9HFdaaRXbaJB9WuH130_BE32pjx67O6d2ntpAF71U8-rKdoHa1lm7lTvGUSA-7kPQhdfbt14o3dhLsNsXawfUmlQsDWNMBjZoqtqi-IfLXXHafsiQL6uHOn50UM-JzWWEkWdcYeAIyXOhdu3GGjBKP-6ASJjZAvtxmVLWJcRIQCqS-qMpdUaSS0cJOZmVj4En6PpIrEruAaGjABK93x3lOz4TLBDECsUn8bssSRdbECZRY9KGFbiGE96P81JWEf94j5bAJNYB9DCZbdTxNdKfDdcT9soiTPkXTmmq7mkai1yr5RPKLw_GHy-G3zUp6kNWJVL6frZ0bXuaDFVWz0oQdXQ4vtsY1WgIhIYCSutAjDA0VHHiqtpLZ4tjxaTx_6nQCkw8NAOi_fuF-M3hQB59TEJ4eonVokcou0WrxZKuaUJYqiM6g20htFOkd2rnwDUqC7HeNZ2zjyiYpa-ynDyINrWX2tiOFdaa4IrEuRO8ZrCaDyfxGXUt8R3ogLlpXfcqroFrWkSK1zM8lWaId9-xaCtIj4FqXVUMgnYS2tMM0Mn_OAD_5oJILf3MYF82GutnZYgSq1j1BsWP2s_DMfU9wOMflyGUFRUf2CVvxVL7GTZrVAdSAUx1jLRGZs5r3JzvR8cHQR0aXSKg-4WIMNwgGA8pF5fjU0y4ipSr5PU6re14wPUdzsZS4A-55B8eOUOverFkByBc4bgUMx3BK4eQJzHjUkpfUNkFMsWMQIRWhfMf-M_wWnGlss0iB9WdZefHfgx5GxCW_7qEeq2JEXNgVxvix2ahGlJ8nvOvMOfxgSEFnp423HnyUA3191qJbL3pylwYtACMUUTYg0kD_Qsmq1rOD6B4b6wvjBzpYa8xZnSMu6MYgzAPgHaeRh9x44b8wNKWAVJkyMH_EMUrD6IGz728ZARVq8uMb2Sl9CBXryleLqZgpuIrg8oJ1IynpkqXUaqIdOegu4uxxmm5nqCQoR0WuPtV0JnF3xxgT8pyJvlKPxgwEsXY249NAewjaEfpJTtpvUwtaxW6gXCzeQQj0ypCGfo9Yhofew4ngij23Xnd5VM8Vm0PVUgvDUeL19p9rzWldf0I7Jk4htu3yo7DpyyPs5EGpChbRjPK73xf81mz7G2v64R0Tw4RkzynXwPKv0BtvS2ZzvNFsBro1Ijn0Kkq4ibIJgo2gCQ-mwHxZopmvZkatqlg04vBYwMRQ-4SHHHt7ZMI6k4uSmxB4nYenL4oH3glGtkIsyUZbjdfBtpwQNVWDBmacxg3F7gUahCl0WY12C8v5f9k3cBbUepXkBmqR94-x5BqC54q4xEvTP6Hcflgds63bq2-U-Hsr6Ui-9HeUcpWaVH2_bxl2KsS8lHDWei6T0NtWunEPSUkM3Z0IrcTswdW9bljtMY3yZUs3hPRyBbUCbbNWh-fdjNjJgqEfZQj37u0Mby2GnAKtKCW2iI8bA-iMy05RQJsMRGbmSpJK4oXXazWeCXIY-BqVu5DKqRorlQ_Ix6hY5EwF2MqDDFs47hOAQzuOv5AcdMsKih8vqQ&cid=CAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM&rfl=2%2Chttps%253A%252F%252Fukr-mova.in.ua%252F%240
Frame ID: E98489C2EA03AAAB6FBB0AE6EF694E03
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: BCBF03474873BA4265A9B5D56C141EDC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2C72DB4A5C1E5143C428D591D4FD2E03
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4FiEwACRNAIu9qOAAuKUfZ5WGBaRKZ_Q4Wshw&u=%7CGvkPb%2Bu%2FDAtG%2B7%2Fmsp8IjpM4SNmNuUFjKxzjvLZ6rUo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RxwjSy8CuKuElHYFyvn63a_dIUoRWUI2GpvG1RqMB7yjmVT2T11hDQJdBF_5rIgGPIG3BeddC9d6V6Z2-oiBpfgjWH5T_-xbRCZnYxQmNpw1Ddn4ciKZkDXTY1Qe4zEymZJ7p1I0Pxo-Up-fwYQjmBhNiXzu8VH6vrVT-57tAKeRcp8QP4qbVDQ41p7qlJFVWcIyGje8_dt4E1TAhg4mVF9bvTJ_83ObF4KUtgk9H9F3qlZJaG4zIKak3Oft8OFBijzrXmGmxmMz6Bakr6Z4KJ9b-ybU0nPiydLf5TkWm7KqMrgK05fmpXWoDoI08399XhjfPQFqrJrKNX2eM1RdWLLKlhZiNvPqfx74IiOT_z2_jjlQ1RvsLHRz95cBvpdoQRDDPQiplQ0ZW2v75bX1WKYNA3Hu3_QdT58FCWVoxVtQ3CO0fYulWlbq9KHftE0kGswMTaRJwclYTrpBdoujsMtxqiOntJjA4dj_VsSnteVsKIy9mL9bwVnqWstloPZos4b8Xfl4AWRDrqvCLqIhj56SsfL0i-EB6-R68t0rRpLqP-2iPf2OEvdKQmnLO0ElbcZq8FyvYqCg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXctgE2KBY9CJCY617_UP0ZSuqAXkj9KxXOeR4oiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEuQFP0KpXVj2x2mahtd605N0S5P7UH4MfPKWZxkYB5yW5Wx1LfAPfcILASwWvvKwyB3h1J1y_YwJUXSIp1qpp2BhHMArodLPf_SbFAabyfnQ94Cv93Ly0DGSZK8Cv-TKjk6SYO1flfcX7OuSFmRpTsrDOR2S3Sn23ARilwpkM_dlHhKxGpT5dLKjw1P1oDa8ln1u3knNrUuEEAfVYGeGis5dy27XFHt9YTbzRDy-rSaoBTFsUZ08hT_ffXYAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0D3yfuguzxzbbtrcSBrWJP7E9BjQ%26client%3Dca-pub-6503488954991490%26adurl%3D
Frame ID: 1DACE3B6D48208B1B35CF8A2ED0053E8
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 717DC7C687FB71C5B272B08E3D789775
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 714BB800A692726F014CF70D50248D27
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9B5EACC98A17C467BBFF52155CE61AA7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB30DAC5980470466D9DF7F3D8D3D44E
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6602.3623628HPH_UK_6602/B28020909.350557476;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;liid=18702611663;dc_adk=497053797;ord=ryhmgn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG_0zE2KBY632CKCz9u8P-f-FmAPmtqnNbaS1loLjEL2x4abhNhABIO2KqCdgu4aAgNAKyAEJqQLroNdKbkm0PqgDAaoE5wFP0J9JLLzn412uP6bdTYwtkxsUhg29Cee1cvQgRZ150n9dR56xMpJ4ZB_MRh1qkHeLDCXC9MkCxbq3pebPddszoUd51qjvsYkOBCJG1-VgoY7tm648_0diH7rrRlEb1-iRhHXGNXmW4qHnqGtJpEY8TEEx-4NZ4nK1XflkakpqsXt-e5SI0l0Hs5cTZBHs_nMcmYoPCo14DZWQ9OxLHOoHUXPhfzPBbbEF1KMbi2POOqHv6p0KYhTeXARWPg4FdnjYYMA8iLPKI_ZUo2fkmAGZ-SNXy6PZfjRmVqU9_NELR_7dj0ZQSjLABNb364mPBOAEA5AGAaAGTYAH_d_X6wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE_KrqBHQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM%26sig%3DAOD64_28MI8Zd2IGn_oo4qP3j4Rcmso86A%26client%3Dca-pub-6503488954991490%26dbm_c%3DAKAmf-BfHM4iTVzzmKyROQ__JyLbs4RPCMDGNfpfTTm9roSGqhIDSDOCZArowrk8brd8TKKKIZMJ6KbiyyWL_LSHPeUubUx9p9T2fYvjYhovXb7HmrmsYCuTTc_8oBPsM9wNoJcrHmSaumCayQuXguWtGrChDqB04ntZRngn60rc5WiWfr2e2G4%26cry%3D1%26dbm_d%3DAKAmf-C_vFgunW5P1IxBg5J52tTPJPxkZ3MyMBVO26GlXi7opm0L1YS3E166TrbjquaSVEsjhCVbCStvOleDPmuaR8lPC1KsLpNpFBbIOPqPBsH8G4wDkJLSRZRBfBhRynM7FLFzdSkCIeXenH3gb3SlEqcxptdPySx85PdF71NEIJLzJJXuV2eexrCAKJIWao1FNzwixzXEufAlcNL6qyOdpW-ncMQxXD8O7nAlYlMclZyW6P6fbj8qqZ3XjDcRTsQfboqbu-OzLr--8QOaEMd2CkGNP9VzblVVoMjKoDuUkOZjEr-Zy0bKspJ9-i2zIAf_QYNys1vbvbMJSCRSxJtqkVIe2mvD3piz8prGeA6_yJiLjBQTTraP4jC5rw6NsiB9igZF4yyiq3SUHXRvjO6Oo6WkOjoOp4x01cm0aXLV77T-btA6BzEdyOK9SlNLsWgSqvLyNBQA3LvREP4h8xZiql_eBfiQ-1WtjyOepxrLlipTn7Hy4w4wE-4PhOGq_Pf_eWMiXlKLbAA11O8VECFCIewiT-3jn0XGuSf6PCaHI_TzlcFCzVw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fukr-mova.in.ua%2F$0;xdt=1;crlt=2vwhBUddTf;stc=1;chaa=1;sttr=170;prcl=s
Frame ID: A597EA9AE31296D46DEE25FEF9011172
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 78BA7BA41F94874DBB3D1B63FD0963AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9DEBAFEE70134D3049765F8F13780A38
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
Frame ID: 492948FE7F6D99265640F06775F7B967
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC23E1996D0BD9A82492673F0E41848F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 072344A8C00EAA30A8DD3491D3538ADB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: E448FAD38230E1E2FE250E4FED1B01D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Лепетун допоможе вам вивчити українську мову швидко і весело | Мова – ДНК нації

Page URL History Show full URLs

http://ukr-mova.in.ua/ HTTP 301
https://ukr-mova.in.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

183
Requests

97 %
HTTPS

80 %
IPv6

22
Domains

35
Subdomains

36
IPs

7
Countries

2520 kB
Transfer

5779 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/app/id1061415385

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ukr.mova

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mova.ukr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mova.ukr/

Search URL Search Domain Scan URL

URL: https://twitter.com/Mova_ukr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr-mova.in.ua/ HTTP 301
https://ukr-mova.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1&C=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4FiE7WAsunQgIpiSZUbTQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDQoSluNnBHQS5zRqHea9fQ&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMTkyNzU3ODM3MjcyNDY5OA%3D%3D

Request Chain 105

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/572802/66746211/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fukr-mova.in.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fukr-mova.in.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6503488954991490%26output%3Dhtml%26h%3D280%26slotname%3D5558448768%26adk%3D2712173870%26adf%3D1733808768%26pi%3Dt.ma~as.5558448768%26w%3D373%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1669423635%26rafmt%3D1%26format%3D373x280%26url%3Dhttps%253A%252F%252Fukr-mova.in.ua%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1669423634717%26bpp%3D1%26bdt%3D525%26idt%3D313%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1124x280%26nras%3D1%26correlator%3D4820022543065%26frm%3D20%26pv%3D1%26ga_vid%3D174118585.1669423634%26ga_sid%3D1669423635%26ga_hid%3D246295695%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D951%26ady%3D1041%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531705%252C31070969%252C44770880%252C44774606%26oid%3D2%26pvsid%3D2772225141267410%26tmod%3D1178307077%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DKQJLT50Sd7%26p%3Dhttps%253A%2F%2Fukr-mova.in.ua%26dtd%3D316&adsafe_type=bed&adsafe_jsinfo=,id:dca98d42-dbd1-c246-cc05-bdc59c2fc077,c:v1UOQV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-b5w7w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:df6fea52-6d23-11ed-ba28-02de7fa72835,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

183 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ukr-mova.in.ua/
Redirect Chain

http://ukr-mova.in.ua/
https://ukr-mova.in.ua/

17 KB
6 KB

364ms
209ms

Document
text/html

2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b9bef40f1bf2a0adbf0871b9f7515b82b8f73296d45963729e2504a1cc809e83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 00:47:14 GMT
pragma: no-cache
server: nginx
x-page-speed: on
x-ray: p1053:0.130/wn658:0.120/wa658:D=125984

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 26 Nov 2022 00:47:13 GMT
Location: https://ukr-mova.in.ua/
Server: nginx
x-ray: p1053:0.000/wn658:0.000/

GET
H2 200 jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js Show response
ukr-mova.in.ua/assets/templates/js/ 91 KB
32 KB 150ms
146ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.010/p1053:0.000/wn16980:0.000/wn658:0.000/
content-encoding: gzip
last-modified: Sat, 19 Nov 2022 09:08:17 GMT
server: nginx
x-original-content-length: 93107
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32695
expires: Sun, 19 Nov 2023 09:08:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 173ms
65ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

238e18cef217436fe03f0b81c98a60df42bc15af92b0cbcfcf11a2e1a77b6354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Nov 2022 00:47:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 188ms
90ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d554abaad80b8560924fbc3c35f1956894d46054f724d10e71530290e9ee09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49210
x-xss-protection: 0
server: cafe
etag: 3260958532871659630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 00:47:14 GMT

GET
H2 200 A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
ukr-mova.in.ua/assets/components/minifyx/cache/ 216 KB
30 KB 146ms
144ms Stylesheet
text/css 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5ff4df129472ce117df4b51bb3cd58f6ea514d85a63ff77a5df4c5d20ce5cd2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.010/p1053:0.000/wn658:0.000/
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 19:25:28 GMT
server: nginx
x-original-content-length: 221389
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30292
expires: Sat, 25 Nov 2023 19:25:28 GMT

GET
H2 200 A.mova.css.pagespeed.cf.hW0QbgvBSY.css
ukr-mova.in.ua/assets/components/ajaxform/css/ 504 B
545 B 73ms
72ms Stylesheet
text/css 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0c3b4742a2f051d5b4563017922c6a5a812a94176b935ec0ef0e7692310b6561

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/p1053:0.010/wn16980:0.000/wn658:0.000/
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 05:37:53 GMT
server: nginx
x-original-content-length: 565
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 243
expires: Sat, 25 Nov 2023 05:37:53 GMT

GET
H2 200 Mova_533.png
ukr-mova.in.ua/assets/uploads/images/ 170 KB
170 KB 123ms
122ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/uploads/images/Mova_533.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 65f64c32be0b31cf5b3e60f6fe16fe0545e49375c5486490d10da3be8c823184

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
last-modified: Tue, 15 Mar 2022 13:05:57 GMT
server: nginx
etag: "62308f35-2a640"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 173632
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 Mova_226.png
ukr-mova.in.ua/assets/uploads/images/ 199 KB
199 KB 75ms
74ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/uploads/images/Mova_226.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c316d6d358f31acc381a8e2e9f393030a3c36e5a8c8f8ccf1eb785179d387d02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
last-modified: Thu, 11 Jun 2015 19:51:49 GMT
server: nginx
etag: "5579e6d5-31b50"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 203600
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 Vprava_19.png
ukr-mova.in.ua/assets/uploads/images/exercise/ 143 KB
143 KB 123ms
122ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/uploads/images/exercise/Vprava_19.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1a642d998a7bb9a6451c45ec09b036fd3e9a9503a50543aff9d662abe3ef98ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
last-modified: Wed, 19 Jan 2022 14:17:45 GMT
server: nginx
etag: "61e81d89-23c20"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 146464
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 minifyx,_cache,_scripts_85e1a56646.min.js+ajaxform,_js,_default.js.pagespeed.jc.sl3QhsaXLy.js Show response
ukr-mova.in.ua/assets/components/ 83 KB
23 KB 74ms
73ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/minifyx,_cache,_scripts_85e1a56646.min.js+ajaxform,_js,_default.js.pagespeed.jc.sl3QhsaXLy.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: faf82bdf4232c3b4b2e84f909652553508b656cd578b2160415e6bd8afbe7bbb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
date: Sat, 26 Nov 2022 00:47:14 GMT
content-encoding: gzip
x-ray: p1053:0.000/
last-modified: Thu, 27 Oct 2022 14:02:55 GMT
server: nginx
x-original-content-length: 86428
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23634
expires: Fri, 27 Oct 2023 14:02:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 165ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9e4e2559cfc12657887b425b2501ce0dd2fe1e078c33b9fa8ae0eb8c8878d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 00:47:14 GMT
content-md5: ienG0W5v9+8GikalSH6prw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 4uo0Rqdao4xZWfTM+QbEszBTBvMogTf5Xm8K3aDE0wvmuPulpe5rpInlX6W0ZWXXsa+HenBdWri/SBS1eyARGQ==
x-fb-trip-id: 686109401
x-fb-content-md5: ac5146614a324949a148a1faceb4e947
cross-origin-opener-policy: same-origin-allow-popups
etag: "bf78e4f68a7dadfed702ab4f636ef4cc"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 00:49:23 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 232ms
63ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js?onload=onLoadCallback

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba88e498053a1f77f33607ee877d778ab2a8cfd8ed4c9fcd7555416c02714074

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 00:47:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20987
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "8fe2b2543a66c555"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Nov 2022 00:47:14 GMT

GET
H2 200 jquery.jgrowl.min.css
ukr-mova.in.ua/assets/components/ajaxform/css/lib/ 2 KB
2 KB 74ms
72ms Stylesheet
text/css 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/lib/jquery.jgrowl.min.css
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
last-modified: Wed, 08 Nov 2017 08:09:22 GMT
server: nginx
etag: "5a02bbb2-6af"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1711
expires: Mon, 26 Dec 2022 00:47:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 118ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RGJRK45Q0D&gtm=2oeb90&_p=246295695&cid=174118585.1669423634&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669423634&sct=1&seg=0&dl=https%3A%2F%2Fukr-mova.in.ua%2F&dt=%D0%9B%D0%B5%D0%BF%D0%B5%D1%82%D1%83%D0%BD%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%B2%D0%B0%D0%BC%20%D0%B2%D0%B8%D0%B2%D1%87%D0%B8%D1%82%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%83%20%D0%BC%D0%BE%D0%B2%D1%83%20%D1%88%D0%B2%D0%B8%D0%B4%D0%BA%D0%BE%20%D1%96%20%D0%B2%D0%B5%D1%81%D0%B5%D0%BB%D0%BE%20%7C%20%D0%9C%D0%BE%D0%B2%D0%B0%20%E2%80%93%20%D0%94%D0%9D%D0%9A%20%D0%BD%D0%B0%D1%86%D1%96%D1%97&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ukr-mova.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bg.png
ukr-mova.in.ua/assets/templates/images/ 5 KB
5 KB 144ms
143ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/templates/images/Bg.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1492f13f86dec17d82703c69f04876ac6d2eb57f331b8319076590cef2d6a4ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.013/wn658:0.000/
last-modified: Sun, 04 Jan 2015 11:46:42 GMT
server: nginx
etag: "54a92822-12c4"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4804
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 Mova.png
ukr-mova.in.ua/assets/templates/images/ 6 KB
6 KB 123ms
122ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/templates/images/Mova.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 76e8afd1a54e3c4a9a0e604b4766afe94381eb62ad8bff5b3c641e7a970f0e66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.001/wn658:0.000/
last-modified: Wed, 10 Dec 2014 19:11:12 GMT
server: nginx
etag: "54889ad0-17c3"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6083
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 PragmaticaC.woff
ukr-mova.in.ua/assets/templates/fonts/ 15 KB
15 KB 123ms
123ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/PragmaticaC.woff
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 11237bed4d1fa875bf345142d50731137039190b47aa457efd5c6c0aeec93755

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.001/wn658:0.000/
last-modified: Wed, 10 Dec 2014 19:11:06 GMT
server: nginx
etag: "54889aca-3bf4"
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15348
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 icomoon.woff
ukr-mova.in.ua/assets/templates/fonts/ 8 KB
8 KB 124ms
124ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/icomoon.woff?-sm9jq8
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 025d6947e5924707bf0315200f65bd967680ba42e5c8e6b6948fa9405ccdf9d8

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.001/wn658:0.000/
last-modified: Tue, 23 May 2017 20:22:06 GMT
server: nginx
etag: "592499ee-1e10"
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7696
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 PragmaticaLightC.woff
ukr-mova.in.ua/assets/templates/fonts/ 15 KB
15 KB 126ms
125ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/PragmaticaLightC.woff
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 62c1857dee37b756c49089ed0d15e32fbd1bae2cf3d581fc924ff695dc206e0d

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.001/wn658:0.000/
last-modified: Wed, 10 Dec 2014 19:11:08 GMT
server: nginx
etag: "54889acc-3cd8"
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15576
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 sdk.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 126ms
45ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 12025
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"1bbec-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c946edb7541-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:14 GMT

GET
H2 200 icomoon-soc.woff
ukr-mova.in.ua/assets/templates/fonts/ 2 KB
2 KB 107ms
107ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/icomoon-soc.woff?-sm9jq8
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 94dc26972578717e2b66d6e19d4384d3a202ac8f638f5c4f6c795ce2219049c4

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
last-modified: Tue, 23 May 2017 20:25:25 GMT
server: nginx
etag: "59249ab5-830"
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2096
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 jquery.form.min.js Show response
ukr-mova.in.ua/assets/components/ajaxform/js/lib/ 14 KB
5 KB 109ms
109ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/js/lib/jquery.form.min.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
content-encoding: br
last-modified: Wed, 08 Nov 2017 08:09:22 GMT
server: nginx
etag: W/"5a02bbb2-3983"
content-type: application/javascript
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H2 200 jquery.jgrowl.min.js Show response
ukr-mova.in.ua/assets/components/ajaxform/js/lib/ 5 KB
2 KB 108ms
108ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/js/lib/jquery.jgrowl.min.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9fdc13189ace49bfcaf1cedffaec9e88aba48b26210730af49cd1893f270ac98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
x-ray: p1053:0.000/wn658:0.000/
content-encoding: br
last-modified: Wed, 08 Nov 2017 08:09:22 GMT
server: nginx
etag: W/"5a02bbb2-1572"
content-type: application/javascript
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 00:47:14 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 110ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3ccc00b41180c55640a6806c1c191f45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

055803689422db469d6c17f6af75715f774c05d500b55ed6f866aa55fb376389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ukr-mova.in.ua/
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 00:47:14 GMT
content-md5: ARO/aVFww23d1lC7AqwMiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88359
x-fb-rlafr: 0
x-fb-debug: dKXa1B49t/PiM+al6tMoINCLhTE/5tf+Xg8esOiyz8hdZfYwtxUe0s3dkg9u51iZ+GBGbK1W0NvidlRuqfoR4A==
x-fb-content-md5: a4308d392341f3ce52312b192e1ed467
cross-origin-opener-policy: same-origin-allow-popups
etag: "032e7785bc0a293913b4b5981c899bc5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Nov 2023 22:56:57 GMT

GET
H3 200 584 Show response
sandbox-api-esp.piano.io/publisher/fusion/lucid/data/ 4 KB
2 KB 373ms
335ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/publisher/fusion/lucid/data/584?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c981b3c5bf47d49badee8dc59f65fab6e398f761606f365f7066945cf7a71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"e74-aB5tUeSF38ou0TIQcgUtXubBRzQ"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76fe9c964c0188bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 584
sandbox-api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 179ms
142ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/publisher/fusion/lucid/data/584?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76fe9c952bf4dcd7-LHR
date: Sat, 26 Nov 2022 00:47:14 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 179ms
87ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31070969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80560238f8c512e3d34d8de4a211e389f828b254c4cc06ace4b466da10658158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119179
x-xss-protection: 0
server: cafe
etag: 3733482962650333506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 00:47:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame F115 10 KB
5 KB 152ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 50707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 10:42:07 GMT
etag: 10353107486223812946
expires: Fri, 09 Dec 2022 10:42:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/ 145 KB
50 KB 145ms
45ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?onload=onLoadCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

571d15e85825e4183d95663c917a6a7911346b2915ce796cff3ffba121474a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 23:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51072
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 23:39:58 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 138ms
60ms Fetch
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=391185391051135&input_token&origin=1&redirect_uri=https%3A%2F%2Fukr-mova.in.ua%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3ccc00b41180c55640a6806c1c191f45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Sat, 26 Nov 2022 00:47:14 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: RzyBkMb29SKysYxjn5BJhL7/KfwL00yrTynGC63koRRbfozP8PvI8INepBzhlImtR/2YghG3FjOb0rITCyZReg==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
699 B 149ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ukr-mova.in.ua&callback=_gfp_s_&client=ca-pub-6503488954991490&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31070969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61e326f8f8a66db5002f350f83da66286636e2d38bf6dd429e363518ac511c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 153ms
54ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
56ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC38 206 KB
53 KB 601ms
508ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&adk=1812271804&adf=3025194257&lmt=1669423635&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fukr-mova.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634712&bpp=3&bdt=520&idt=287&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4820022543065&frm=20&pv=2&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cfa426c00ae956e28514da60606dbdf4b3493ab146716051b9f82050dae0af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 54514
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:15 GMT
expires: Sat, 26 Nov 2022 00:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6175 22 KB
10 KB 439ms
357ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634715&bpp=1&bdt=523&idt=307&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=12s8zvSWcY&p=https%3A//ukr-mova.in.ua&dtd=312

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d98c723af2047a14667b0a35b22b28b6efa3cacc7aa534871e61f6b7a19d26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9826
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:15 GMT
expires: Sat, 26 Nov 2022 00:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D7D 20 KB
9 KB 640ms
563ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbfa91db8f299621318fc679b308788b8cc95e9fd03ee86df4f34f1dd808b4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9197
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:15 GMT
expires: Sat, 26 Nov 2022 00:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframeResizer.min.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 54ms
53ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vz.1.54.5-9e855a5&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11070
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"2e2f-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c987ed288bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 state-machine.min.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 48ms
46ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vz.1.54.5-9e855a5&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11070
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"f2a-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c988ed788bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 displayer.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 49ms
47ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vz.1.54.5-9e855a5&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11070
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"8abb-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c988ed988bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 displayer.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/widgets/sticky_bottom/ 2 KB
1 KB 49ms
47ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/sticky_bottom/displayer.js?v=vz.1.54.5-9e855a5&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a21f2c87fdaa803b3f6b750d7131ead9732d9214d1c555b873dfd5ff02d2001d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11070
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"135a-1849ae2bac8"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c988eda88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 displayer.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/ 5 KB
3 KB 50ms
49ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/displayer.js?v=vz.1.54.5-9e855a5&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11070
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"3b47-1849ae2bac8"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c988edb88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 1981 Show response
sandbox-api-esp.piano.io/publisher/unattended/ Frame 6A45 7 KB
3 KB 144ms
143ms Document
text/html 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655c5c0fa45b1d37b91ff86dbab415b2629df770c6eface88c3f5e14b7c03903

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000 public
cf-cache-status: DYNAMIC
cf-ray: 76fe9c991f6688bf-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 26 Nov 2022 00:47:15 GMT
etag: W/"1def-nIGxNCfphFjMxRl2lLV+Cy76U8E"
expires: Sun, 26 Nov 2023 00:47:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

POST
H3 200 700 Show response
sandbox-api-esp.piano.io/tracker/lucid/visit/ 65 B
545 B 173ms
172ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/visit/700?story_url=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=dvyou57n3eqd1gil

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b3ef41b4d68db74f810338bf81416859d36592bc03ed8236b4d14391d6e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-QJfJ/Klt2XM7UY3AeIObSIk+i9E"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76fe9c9a68c988bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 700
sandbox-api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 144ms
143ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/visit/700?story_url=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=dvyou57n3eqd1gil

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76fe9c9988addcd7-LHR
date: Sat, 26 Nov 2022 00:47:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 700 Show response
sandbox-api-esp.piano.io/push/sdk/event/ 39 B
520 B 155ms
154ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
access-control-allow-credentials: true
cf-ray: 76fe9c9a78cd88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 700
sandbox-api-esp.piano.io/push/sdk/event/ Frame 0
0 139ms
138ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76fe9c9998b9dcd7-LHR
date: Sat, 26 Nov 2022 00:47:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

OPTIONS
H3 200 700
sandbox-api-esp.piano.io/push/sdk/event/ Frame 0
0 291ms
291ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76fe9c9998c2dcd7-LHR
date: Sat, 26 Nov 2022 00:47:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 700 Show response
sandbox-api-esp.piano.io/push/sdk/event/ 39 B
521 B 144ms
144ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
access-control-allow-credentials: true
cf-ray: 76fe9c9b69fb88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6175 3 KB
1 KB 158ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634715&bpp=1&bdt=523&idt=307&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=12s8zvSWcY&p=https%3A//ukr-mova.in.ua&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 20:17:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6175 18 KB
8 KB 153ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6175 154 KB
48 KB 166ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6175 0
0 93ms
92ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJylME2KBY-jyCLDL7_UP4sOUgAnkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEtgFP0BMdSe85VUA2VMKYlIB7x_cpNOsTYVAmdrkCF5z_tLmqcrhtB4-rkZJKoWjLbLlvn2Gbs089lce5eSU1anLUDqefk_7Pqy8zM38X4Sw5bxqq2QD6uNhlwwSUOAaDnmcgJRZzpbu1ocmjYPbBgbY8zJ7nURWWvJ3CowzxrKkEcD_xfetPoM9UfX74yleio5xJx51-gZ2uF5RKKD6LjhuExLPxuO3u1cpxFn-6uK-TFUKCVkTZ44AGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTAzNDg4OTU0OTkxNDkwGAA&sigh=i8019PYOWAo&uach_m=[UACH]&cid=CAQSGwDq26N9iAtda1kOpIbjhSRl81Aylj__DFpvVxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634715&bpp=1&bdt=523&idt=307&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=12s8zvSWcY&p=https%3A//ukr-mova.in.ua&dtd=312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 00:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 00:47:15 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6175 0
0 167ms
39ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ktnxE7_6ROQImAKH-lcYAgAAANqw0-t8Sodvlro1-BASYoFjTejcLnv88rOoeZwAEgAA&wp=Y4FiEwACOWgIu-WwAAUh4rxDdW_z9K9gSEXZpQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 224564
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0952 151 KB
48 KB 248ms
124ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4FiEwACOWgIu-WwAAUh4rxDdW_z9K9gSEXZpQ&u=%7CGvkPb%2Bu%2FDAvo9JA1ekYK9lnHmbaTk9OSIXk3wRLU9Bo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RxwjSy8CuKuElHYFyvn63aqEV4Y3x61CFrpdbZU6iukb9QsKDh3l8gfCTSM5QhEorVkt8Mmqhg_y-LPziOFL9k7LyiVFCLkY192wvnLpZMouh4cDqghIWfanDisivgcUVEk7XnUDE9r-MG0OkpnEXj3vQ_EckAR2TzYBKKY7sfNzVSCKKfXoJkByfEi7ZsPJv-EYP15Zajw8M9FPJ67eazQRX4h_HldYCAV8fJtng6X98hhQPj9oycGAXf39qohRmaZv1jOwR0BiVkn9hNXX-9Md9E4lXRaCKDOXTmr6ccchbSKT4PvjC4fySx27zS1d6_xzm-iPP0LERpUVqSVNeRriMpjLRrxLW4RJpnzeHpqiIcfKM9EJN1vD0mmZUF2GsoVWmD0dOnHSuETePoX-_83185mVcQXH_Ia0XhHbupn9eHdWWpFGq5sSFtpPr1ECDyNlHQVuXOrYChezI7yGbVw2tgEs5db0gDDbQ6uY__jeEzihIUEVQiBergvc7d98dHlpy62XAKKmAOFLvzeNX0CZ6QEiusrwI1j4P_dWnnQraWlau61zA8olD7f5-cuvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_VM3E2KBY-jyCLDL7_UP4sOUgAnkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEuQFP0BMdSe85VUA2VMKYlIB7x_cpNOsTYVAmdrkCF5z_tLmqcrhtB4-rkZJKoWjLbLlvn2Gbs089lce5eSU1anLUDqefk_7Pqy8zM38X4Sw5bxqq2QD6uNhlwwSUOAaDnmcgJRZzpbu1ocmjYPbBgbY8zJ7nURWWvJ3CowzxrKkEcD_xfetPoM9UfX74yleio5wLxbzsUj9cEge4J6YI6ocvx6f7BOfAzRH_jRsmGRCNOVpT0a7ccLV1HIAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1uuhmlgNE-4RwR4yC-qoslPe91KQ%26client%3Dca-pub-6503488954991490%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ff43e3e2a698cce2996a9769a2f8e5a299764541a43d88a4a0a9c536e03ff03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TgkGMoaZXyHY-mcRMEqJIZQ_zRprRH_U0K7WWmvV0jcSMFfIOg-Yc357bmN0NlnVzXeip3KKukMuOmqsnOyyc1UB4v2pZvRd_EpKlTSWUBpAgTF-j6tzUq6xPb7VuSfpYMq5VlI7xa4R_JFCm6BFSHqA7mzbauv43dc6AqQ_qfY5AXaOtS6UzAxv1ixHWU8G24eCcQh7v2iUCWVkmz9bwmx0nq7T8S_N-3V2P4ci3JDM89wrxxsgMtZmqg0zIEpQ5ycYzQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 84134833
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 styles.css
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/ Frame 6A45 3 KB
2 KB 50ms
49ms Stylesheet
text/css 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/styles.css?v=vz.1.54.5-9e855a5

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e5c5a378ee4fa9b338c69434dc4b624749b170c0a09bbe8d8c1d14e2391335

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"123a-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c9a086b88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 styles.css
sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/ Frame 6A45 2 KB
1 KB 52ms
50ms Stylesheet
text/css 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/styles.css?v=vz.1.54.5-9e855a5

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90532202ccd82df3cbc1db9c4aa50fd85dc2bc50dcbe39f37c36da16889d3009

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"ab7-1849ae2bac8"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c9a186d88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ Frame 6A45 84 KB
29 KB 144ms
43ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-14e55"
vary: Accept-Encoding
x-hw: 1669423635.dop006.lo4.t,1669423635.cds265.lo4.hn,1669423635.cds254.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H3 200 state-machine.min.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/lib/state-machine/ Frame 6A45 4 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/lib/state-machine/state-machine.min.js

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"f2a-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c9a186f88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 iframeResizer.contentWindow.min.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/lib/iframeResizer/ Frame 6A45 12 KB
5 KB 51ms
50ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/lib/iframeResizer/iframeResizer.contentWindow.min.js

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e8e00881d1c861282dfedc25dab47cb9140df10ad6221367451780907e47fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"3411-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c9a187088bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 form.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/ Frame 6A45 8 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/form.js?v=vz.1.54.5-9e855a5

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a9fc41a0e356987fe32c9ada7bd7fcd26b21436d18e94229d1b58f4cef50a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"3a15-1849ae2bac4"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c9a187188bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H3 200 form.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/ Frame 6A45 2 KB
1 KB 52ms
51ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/form.js?v=vz.1.54.5-9e855a5

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323e72bcc317bd42257844c45b1631b698ee06f75eed96b1bd6538ad10fb2052

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"f7c-1849ae2bac8"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 76fe9c9a187288bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A45 2 KB
1 KB 167ms
53ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 00:15:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 00:47:15 GMT

GET
DATA 200
OK truncated
/ Frame 6175 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80a3a201c48121ca169360ff34542bc313b1b6831367c5d22cd6096b46b803c0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 150 KB
51 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js?bust=31070969

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d01ecdb74c50c92c1f50356998f6f6e06ede0457a2ff53fbce12b74face63d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52289
x-xss-protection: 0
server: cafe
etag: 15657648210327063850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 00:47:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6A9E 624 B
245 B 57ms
56ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CImIHhC38pyQAhiqttbXATAB&v=APEucNUJZ4bcR_zo0kcwF6o6cp9wrp2VAaZsc2MlWnKAarK_xQz6Qb9wFpK0tA_P7Clh6Dw06B23EdKJpEkm69iBHjGajEaar0rVRSNPV9m3HyVdxBabWz-6omIvQHPTiI4Rbs-0tMlbKM80FqN70GQ5RquLl-SGXj2uAs0U3eFaOlU5zIvyytQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:15 GMT
expires: Sat, 26 Nov 2022 00:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E984 28 KB
17 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3wBU8-uoU5BoyYVgKNxdh-H6og3i-iRU_M_xiSwbIRlbGMmr1-n0xMlm81TKhhZp8JOQo8nTGWTbOJ_53cF58SBmdORqL5vre87Jf_QYweI1Q5lKEBLbrPD4FNQzv-eogyd8foqK35xz9kwJBRIgZ_Z0zYTFVbijQmYrQwQEe8BOjKM4&cry=1&dbm_d=AKAmf-BFWGXJN8fHjTdCoXp78I03FdSJ7YexADO8r8W-0VNgMqOWi2z7_nzn-dao-op5XLPk-ZyrVgVuh-zArRC_-Rrwmbj1U_CsXQoioERQ6ZPR-ihcW6nTnmfkDIrKT1l_63twMJT8UIUmqCtttRRKETnD0F9Snh3z-3fnoR0TVETzlyqpblFlGsXPd9ZuqR9vevgidU2e9BjzTiFtda38CN4R1ZwpTul7bWNo1ykXfeynutrkRD1vLhSBoHdVgXZqnZSWmyHG6I4GFJ8O59WkMj3-lvWZPgiSzUOz95WeSsg6OJ4JXdrrLI8inBSlATtbg95_BhmcseKAlplhW8Zm2mUhQeRp-0wMRQa1jDcoAiDbKFlRvycOJVhbpHObGGvbNljA7H4_dHtBReHWxehtMX2vPBF0UyaALdk3KRJMbrZhPKE9aYii1_qyeKPV1zxWpXjsZXs0qjXbMEu4o-AEwtVQJ-8IlB_m_4D6ccRgtXhi1qvEe8-LQS9QLHhq-VrJ4GohLKnStJ2yzM6pd9uJe4c6wbm1JzuD0Hq5KO392fkKSjc4YNBgH5qhb-47Wjyjn2EC-E9JQtv2QK5viuQSpo9EYh8Yo2YxEgsxBRLDI17kl6t8_4m1lZBPmmmVhChrzXyvgTvAhWBjF9oSfMEcUJYHyxtHDtMG4f3DibvFDsSVd9DzJu1d2d2857BXXWLSxTqafwb96IGHJXvkmfs3kcpQKLmeeyl1cQF2lDnDvdn-xHdkvB08jU4a9gK1xhFijSVl6BoKRmie3CEx_Dh9rvAJUBGKjtzIg4byKXYgsCITfDne88yEG57eniBFDOtQJpY47TCewLnNXaLjdc7_54ODggcvKAOl1WTKAmz6toNag2FUGoP6NkaEGsU6P5Ix5_5E208F710CXS-YudD5jglhtoqhZEx6VKr0tuSj6AY1zO96jH_BjwXCnghA8MVO-z8G9UVx-C0MIaLrU8g9DJ-RzOUvhrWyMzb27wUXm_f9VbVQmZlhBEwrvSKzMyC2FmjuUIw-kCKbPJX0fKC-uvAs3tH5yJzIGxgKWEkc0nG0AwEby9JRnbttKO3L4Zx5ZOVML9C8W9THdj9b_17jQsmLlzE4Rx55ngIs_kQP10c8fLBFsdbRS3Wes9h4oUZtuGwg6slpjhg8PuYEiuOUdm9zh-5EbFrTJSDDVVJuI6a2mvryLl5Yrlpxn4g4jafDQ1AW2pYBUrhM-sD5zBxr5gpUcMSwY4JinwY8Ftm-2_wcYrT4lFk6_pJ2rEftIxpS2gNnE7JNh6BAklAEb12QH12_Go_iIt9OMvUeUdzW-OJBQ1hwxq3r5T5Pp9cPOGR20hV-mZcC6etzE2Bd9wIE4yNgSbwxGANKVXMvcYDFlfXRQ_4aIUl8NclgNdytvD06j7pu7Jq-APjvgzWdyQZ-yWF7Kyi1fVPgRpHYwavNyx77GFBFxuMG1unY1Y1bKH0haOlyo9kxytlb2gK5XROxpRy8HTHoX8najO8kpZcRVllrhh-LerLc0b3J2-O0cAZTf2fUghLFgJQ7NnoSHWStK_yT08rsB_ejuIlKPZbo9Ry8Qd6JliLJHIgEpNATm0X85SYNUlXNHK5HCCBmUqGt7hVlrQiXK10mKp0VOoXPzG6w_OGk7bIaKY0wkVtEFan67ca4H9LeIniXtx_HU-gLDB9HFdaaRXbaJB9WuH130_BE32pjx67O6d2ntpAF71U8-rKdoHa1lm7lTvGUSA-7kPQhdfbt14o3dhLsNsXawfUmlQsDWNMBjZoqtqi-IfLXXHafsiQL6uHOn50UM-JzWWEkWdcYeAIyXOhdu3GGjBKP-6ASJjZAvtxmVLWJcRIQCqS-qMpdUaSS0cJOZmVj4En6PpIrEruAaGjABK93x3lOz4TLBDECsUn8bssSRdbECZRY9KGFbiGE96P81JWEf94j5bAJNYB9DCZbdTxNdKfDdcT9soiTPkXTmmq7mkai1yr5RPKLw_GHy-G3zUp6kNWJVL6frZ0bXuaDFVWz0oQdXQ4vtsY1WgIhIYCSutAjDA0VHHiqtpLZ4tjxaTx_6nQCkw8NAOi_fuF-M3hQB59TEJ4eonVokcou0WrxZKuaUJYqiM6g20htFOkd2rnwDUqC7HeNZ2zjyiYpa-ynDyINrWX2tiOFdaa4IrEuRO8ZrCaDyfxGXUt8R3ogLlpXfcqroFrWkSK1zM8lWaId9-xaCtIj4FqXVUMgnYS2tMM0Mn_OAD_5oJILf3MYF82GutnZYgSq1j1BsWP2s_DMfU9wOMflyGUFRUf2CVvxVL7GTZrVAdSAUx1jLRGZs5r3JzvR8cHQR0aXSKg-4WIMNwgGA8pF5fjU0y4ipSr5PU6re14wPUdzsZS4A-55B8eOUOverFkByBc4bgUMx3BK4eQJzHjUkpfUNkFMsWMQIRWhfMf-M_wWnGlss0iB9WdZefHfgx5GxCW_7qEeq2JEXNgVxvix2ahGlJ8nvOvMOfxgSEFnp423HnyUA3191qJbL3pylwYtACMUUTYg0kD_Qsmq1rOD6B4b6wvjBzpYa8xZnSMu6MYgzAPgHaeRh9x44b8wNKWAVJkyMH_EMUrD6IGz728ZARVq8uMb2Sl9CBXryleLqZgpuIrg8oJ1IynpkqXUaqIdOegu4uxxmm5nqCQoR0WuPtV0JnF3xxgT8pyJvlKPxgwEsXY249NAewjaEfpJTtpvUwtaxW6gXCzeQQj0ypCGfo9Yhofew4ngij23Xnd5VM8Vm0PVUgvDUeL19p9rzWldf0I7Jk4htu3yo7DpyyPs5EGpChbRjPK73xf81mz7G2v64R0Tw4RkzynXwPKv0BtvS2ZzvNFsBro1Ijn0Kkq4ibIJgo2gCQ-mwHxZopmvZkatqlg04vBYwMRQ-4SHHHt7ZMI6k4uSmxB4nYenL4oH3glGtkIsyUZbjdfBtpwQNVWDBmacxg3F7gUahCl0WY12C8v5f9k3cBbUepXkBmqR94-x5BqC54q4xEvTP6Hcflgds63bq2-U-Hsr6Ui-9HeUcpWaVH2_bxl2KsS8lHDWei6T0NtWunEPSUkM3Z0IrcTswdW9bljtMY3yZUs3hPRyBbUCbbNWh-fdjNjJgqEfZQj37u0Mby2GnAKtKCW2iI8bA-iMy05RQJsMRGbmSpJK4oXXazWeCXIY-BqVu5DKqRorlQ_Ix6hY5EwF2MqDDFs47hOAQzuOv5AcdMsKih8vqQ&cid=CAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM&rfl=2%2Chttps%253A%252F%252Fukr-mova.in.ua%252F%240

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463e41c75bb982420f490e275ffd2aa97322a9943d72c90acabf6d581b97f0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17139
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/572802/66746211/dcm/ Frame E984 237 KB
71 KB 152ms
44ms Script
application/javascript 63.34.236.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/572802/66746211/dcm/dcmads.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.236.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-236-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 09fbf9e8b811099795216f3407d42235f49422a91c4ab91d29228fa89020e9f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E984 3 KB
1 KB 145ms
51ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 20:17:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E984 18 KB
7 KB 138ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E984 154 KB
47 KB 145ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E984 42 B
63 B 80ms
79ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AU_z9eF3qE9RcIA7CRmRjpAeBPAfUXoQhAs_0lIuK8fLnlRe9mvBKKdR2wNDjpn-_dp0Y0nFJz1YdC6B2y1OQvV90ouKFFPQoMUtjlr8cpSuq4ez4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icomoon.woff
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/fonts/ Frame 6A45 3 KB
2 KB 56ms
55ms Font
application/font-woff 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/fonts/icomoon.woff?vz.1.54.5-9e855a5

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=57&v=vz.1.54.5-9e855a5
Origin: https://sandbox-api-esp.piano.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 11069
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Nov 2022 15:51:01 GMT
server: cloudflare
etag: W/"b70-1849ae2bac4"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76fe9c9b49d388bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 26 Nov 2023 00:47:15 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0952 2 KB
1 KB 129ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4FiEwACOWgIu-WwAAUh4rxDdW_z9K9gSEXZpQ&u=%7CGvkPb%2Bu%2FDAvo9JA1ekYK9lnHmbaTk9OSIXk3wRLU9Bo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RxwjSy8CuKuElHYFyvn63aqEV4Y3x61CFrpdbZU6iukb9QsKDh3l8gfCTSM5QhEorVkt8Mmqhg_y-LPziOFL9k7LyiVFCLkY192wvnLpZMouh4cDqghIWfanDisivgcUVEk7XnUDE9r-MG0OkpnEXj3vQ_EckAR2TzYBKKY7sfNzVSCKKfXoJkByfEi7ZsPJv-EYP15Zajw8M9FPJ67eazQRX4h_HldYCAV8fJtng6X98hhQPj9oycGAXf39qohRmaZv1jOwR0BiVkn9hNXX-9Md9E4lXRaCKDOXTmr6ccchbSKT4PvjC4fySx27zS1d6_xzm-iPP0LERpUVqSVNeRriMpjLRrxLW4RJpnzeHpqiIcfKM9EJN1vD0mmZUF2GsoVWmD0dOnHSuETePoX-_83185mVcQXH_Ia0XhHbupn9eHdWWpFGq5sSFtpPr1ECDyNlHQVuXOrYChezI7yGbVw2tgEs5db0gDDbQ6uY__jeEzihIUEVQiBergvc7d98dHlpy62XAKKmAOFLvzeNX0CZ6QEiusrwI1j4P_dWnnQraWlau61zA8olD7f5-cuvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_VM3E2KBY-jyCLDL7_UP4sOUgAnkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEuQFP0BMdSe85VUA2VMKYlIB7x_cpNOsTYVAmdrkCF5z_tLmqcrhtB4-rkZJKoWjLbLlvn2Gbs089lce5eSU1anLUDqefk_7Pqy8zM38X4Sw5bxqq2QD6uNhlwwSUOAaDnmcgJRZzpbu1ocmjYPbBgbY8zJ7nURWWvJ3CowzxrKkEcD_xfetPoM9UfX74yleio5wLxbzsUj9cEge4J6YI6ocvx6f7BOfAzRH_jRsmGRCNOVpT0a7ccLV1HIAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1uuhmlgNE-4RwR4yC-qoslPe91KQ%26client%3Dca-pub-6503488954991490%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0952 2 KB
1 KB 130ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0952 308 B
637 B 119ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0952 293 B
621 B 119ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0952 43 B
348 B 144ms
41ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Z3RmTZ2oPgULSUfraN9cGFA64Hl1Fj9TKlth2V20eu75ZkJ2OPo8yz5L8S6A9fisuueLE_GYFQcZj-an_Uqr2mVyeK2XKBKJX1qDDD91LGHBAFS0HGCeapYC982pfKOICdPHVr3yw8kQ11YB9y3oCz964Rhw9vtbQTgwhzskIlkoycAbz8DhWarYHTL3gauRExddYtdet6QGU47rvlXu8Y81Pski-VIT81CplbnJutKDCf7buSKd0-CknNUDtMRqYxWB34O82BBpLFi3MTta_4ugUtHKFNbxHdO2DWoSV996OHXV3_IsOwzbRtFEwUC6ldIoUngiR1DTagdDqE__UmCyISmBBkW8Cpi8Qnt_C3BY8gKAGQKLwX41lQgQPfAtgeOlqH3Ks3meZb8JvAAZunj7PKS4Ul3yQOdSxAZ7gytEusfqix3_n5RGLCQMG2qkmJNdDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3386535
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6A9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1&C=1

43 B
766 B

44ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImIHhC38pyQAhiqttbXATAB&v=APEucNUJZ4bcR_zo0kcwF6o6cp9wrp2VAaZsc2MlWnKAarK_xQz6Qb9wFpK0tA_P7Clh6Dw06B23EdKJpEkm69iBHjGajEaar0rVRSNPV9m3HyVdxBabWz-6omIvQHPTiI4Rbs-0tMlbKM80FqN70GQ5RquLl-SGXj2uAs0U3eFaOlU5zIvyytQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 00:47:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 00:47:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6A9E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4FiE7WAsunQgIpiSZUbTQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1

43 B
766 B

44ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImIHhC38pyQAhiqttbXATAB&v=APEucNUJZ4bcR_zo0kcwF6o6cp9wrp2VAaZsc2MlWnKAarK_xQz6Qb9wFpK0tA_P7Clh6Dw06B23EdKJpEkm69iBHjGajEaar0rVRSNPV9m3HyVdxBabWz-6omIvQHPTiI4Rbs-0tMlbKM80FqN70GQ5RquLl-SGXj2uAs0U3eFaOlU5zIvyytQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 00:47:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoHUALWRMrf4C5CDENxzzw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6A9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDQoSluNnBHQS5zRqHea9fQ&google_cver=1

43 B
1020 B

102ms
39ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDQoSluNnBHQS5zRqHea9fQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImIHhC38pyQAhiqttbXATAB&v=APEucNUJZ4bcR_zo0kcwF6o6cp9wrp2VAaZsc2MlWnKAarK_xQz6Qb9wFpK0tA_P7Clh6Dw06B23EdKJpEkm69iBHjGajEaar0rVRSNPV9m3HyVdxBabWz-6omIvQHPTiI4Rbs-0tMlbKM80FqN70GQ5RquLl-SGXj2uAs0U3eFaOlU5zIvyytQ

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 00:47:16 GMT
AN-X-Request-Uuid: 94482a68-6d7a-4a4b-8dd6-577700a59252
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDQoSluNnBHQS5zRqHea9fQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A9E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMTkyNzU3ODM3MjcyNDY5OA%3D%3D

170 B
188 B

145ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMTkyNzU3ODM3MjcyNDY5OA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 00:47:15 GMT
AN-X-Request-Uuid: 34554319-835e-49a7-89f1-b43f71297974
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMTkyNzU3ODM3MjcyNDY5OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 142ms
53ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 142ms
53ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame BCBF 10 KB
4 KB 45ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 50598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Fri, 09 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 2C72 10 KB
4 KB 44ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 50598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Fri, 09 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0952 12 KB
5 KB 109ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 273103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fnja5h8TC3wdpzAFfQKCD6x6giaPsEKwl3xxKeOdIiGlNQ7u92z9Oi%2BOADxKCE2k5Dm%2FYf9ScsnK%2B6tIrT6Kg6EfZi%2Ffc4kjYIOQqJMLygGv32LUjhzmc%2F9J6qIZQbR8lJH6w%2FNyTAXNyQeMHKDeIkwF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76fe9c9c6a3c76ed-LHR
expires: Thu, 16 Nov 2023 00:47:15 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0952 12 KB
6 KB 75ms
39ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E984 29 KB
11 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3wBU8-uoU5BoyYVgKNxdh-H6og3i-iRU_M_xiSwbIRlbGMmr1-n0xMlm81TKhhZp8JOQo8nTGWTbOJ_53cF58SBmdORqL5vre87Jf_QYweI1Q5lKEBLbrPD4FNQzv-eogyd8foqK35xz9kwJBRIgZ_Z0zYTFVbijQmYrQwQEe8BOjKM4&cry=1&dbm_d=AKAmf-BFWGXJN8fHjTdCoXp78I03FdSJ7YexADO8r8W-0VNgMqOWi2z7_nzn-dao-op5XLPk-ZyrVgVuh-zArRC_-Rrwmbj1U_CsXQoioERQ6ZPR-ihcW6nTnmfkDIrKT1l_63twMJT8UIUmqCtttRRKETnD0F9Snh3z-3fnoR0TVETzlyqpblFlGsXPd9ZuqR9vevgidU2e9BjzTiFtda38CN4R1ZwpTul7bWNo1ykXfeynutrkRD1vLhSBoHdVgXZqnZSWmyHG6I4GFJ8O59WkMj3-lvWZPgiSzUOz95WeSsg6OJ4JXdrrLI8inBSlATtbg95_BhmcseKAlplhW8Zm2mUhQeRp-0wMRQa1jDcoAiDbKFlRvycOJVhbpHObGGvbNljA7H4_dHtBReHWxehtMX2vPBF0UyaALdk3KRJMbrZhPKE9aYii1_qyeKPV1zxWpXjsZXs0qjXbMEu4o-AEwtVQJ-8IlB_m_4D6ccRgtXhi1qvEe8-LQS9QLHhq-VrJ4GohLKnStJ2yzM6pd9uJe4c6wbm1JzuD0Hq5KO392fkKSjc4YNBgH5qhb-47Wjyjn2EC-E9JQtv2QK5viuQSpo9EYh8Yo2YxEgsxBRLDI17kl6t8_4m1lZBPmmmVhChrzXyvgTvAhWBjF9oSfMEcUJYHyxtHDtMG4f3DibvFDsSVd9DzJu1d2d2857BXXWLSxTqafwb96IGHJXvkmfs3kcpQKLmeeyl1cQF2lDnDvdn-xHdkvB08jU4a9gK1xhFijSVl6BoKRmie3CEx_Dh9rvAJUBGKjtzIg4byKXYgsCITfDne88yEG57eniBFDOtQJpY47TCewLnNXaLjdc7_54ODggcvKAOl1WTKAmz6toNag2FUGoP6NkaEGsU6P5Ix5_5E208F710CXS-YudD5jglhtoqhZEx6VKr0tuSj6AY1zO96jH_BjwXCnghA8MVO-z8G9UVx-C0MIaLrU8g9DJ-RzOUvhrWyMzb27wUXm_f9VbVQmZlhBEwrvSKzMyC2FmjuUIw-kCKbPJX0fKC-uvAs3tH5yJzIGxgKWEkc0nG0AwEby9JRnbttKO3L4Zx5ZOVML9C8W9THdj9b_17jQsmLlzE4Rx55ngIs_kQP10c8fLBFsdbRS3Wes9h4oUZtuGwg6slpjhg8PuYEiuOUdm9zh-5EbFrTJSDDVVJuI6a2mvryLl5Yrlpxn4g4jafDQ1AW2pYBUrhM-sD5zBxr5gpUcMSwY4JinwY8Ftm-2_wcYrT4lFk6_pJ2rEftIxpS2gNnE7JNh6BAklAEb12QH12_Go_iIt9OMvUeUdzW-OJBQ1hwxq3r5T5Pp9cPOGR20hV-mZcC6etzE2Bd9wIE4yNgSbwxGANKVXMvcYDFlfXRQ_4aIUl8NclgNdytvD06j7pu7Jq-APjvgzWdyQZ-yWF7Kyi1fVPgRpHYwavNyx77GFBFxuMG1unY1Y1bKH0haOlyo9kxytlb2gK5XROxpRy8HTHoX8najO8kpZcRVllrhh-LerLc0b3J2-O0cAZTf2fUghLFgJQ7NnoSHWStK_yT08rsB_ejuIlKPZbo9Ry8Qd6JliLJHIgEpNATm0X85SYNUlXNHK5HCCBmUqGt7hVlrQiXK10mKp0VOoXPzG6w_OGk7bIaKY0wkVtEFan67ca4H9LeIniXtx_HU-gLDB9HFdaaRXbaJB9WuH130_BE32pjx67O6d2ntpAF71U8-rKdoHa1lm7lTvGUSA-7kPQhdfbt14o3dhLsNsXawfUmlQsDWNMBjZoqtqi-IfLXXHafsiQL6uHOn50UM-JzWWEkWdcYeAIyXOhdu3GGjBKP-6ASJjZAvtxmVLWJcRIQCqS-qMpdUaSS0cJOZmVj4En6PpIrEruAaGjABK93x3lOz4TLBDECsUn8bssSRdbECZRY9KGFbiGE96P81JWEf94j5bAJNYB9DCZbdTxNdKfDdcT9soiTPkXTmmq7mkai1yr5RPKLw_GHy-G3zUp6kNWJVL6frZ0bXuaDFVWz0oQdXQ4vtsY1WgIhIYCSutAjDA0VHHiqtpLZ4tjxaTx_6nQCkw8NAOi_fuF-M3hQB59TEJ4eonVokcou0WrxZKuaUJYqiM6g20htFOkd2rnwDUqC7HeNZ2zjyiYpa-ynDyINrWX2tiOFdaa4IrEuRO8ZrCaDyfxGXUt8R3ogLlpXfcqroFrWkSK1zM8lWaId9-xaCtIj4FqXVUMgnYS2tMM0Mn_OAD_5oJILf3MYF82GutnZYgSq1j1BsWP2s_DMfU9wOMflyGUFRUf2CVvxVL7GTZrVAdSAUx1jLRGZs5r3JzvR8cHQR0aXSKg-4WIMNwgGA8pF5fjU0y4ipSr5PU6re14wPUdzsZS4A-55B8eOUOverFkByBc4bgUMx3BK4eQJzHjUkpfUNkFMsWMQIRWhfMf-M_wWnGlss0iB9WdZefHfgx5GxCW_7qEeq2JEXNgVxvix2ahGlJ8nvOvMOfxgSEFnp423HnyUA3191qJbL3pylwYtACMUUTYg0kD_Qsmq1rOD6B4b6wvjBzpYa8xZnSMu6MYgzAPgHaeRh9x44b8wNKWAVJkyMH_EMUrD6IGz728ZARVq8uMb2Sl9CBXryleLqZgpuIrg8oJ1IynpkqXUaqIdOegu4uxxmm5nqCQoR0WuPtV0JnF3xxgT8pyJvlKPxgwEsXY249NAewjaEfpJTtpvUwtaxW6gXCzeQQj0ypCGfo9Yhofew4ngij23Xnd5VM8Vm0PVUgvDUeL19p9rzWldf0I7Jk4htu3yo7DpyyPs5EGpChbRjPK73xf81mz7G2v64R0Tw4RkzynXwPKv0BtvS2ZzvNFsBro1Ijn0Kkq4ibIJgo2gCQ-mwHxZopmvZkatqlg04vBYwMRQ-4SHHHt7ZMI6k4uSmxB4nYenL4oH3glGtkIsyUZbjdfBtpwQNVWDBmacxg3F7gUahCl0WY12C8v5f9k3cBbUepXkBmqR94-x5BqC54q4xEvTP6Hcflgds63bq2-U-Hsr6Ui-9HeUcpWaVH2_bxl2KsS8lHDWei6T0NtWunEPSUkM3Z0IrcTswdW9bljtMY3yZUs3hPRyBbUCbbNWh-fdjNjJgqEfZQj37u0Mby2GnAKtKCW2iI8bA-iMy05RQJsMRGbmSpJK4oXXazWeCXIY-BqVu5DKqRorlQ_Ix6hY5EwF2MqDDFs47hOAQzuOv5AcdMsKih8vqQ&cid=CAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM&rfl=2%2Chttps%253A%252F%252Fukr-mova.in.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 13:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E984 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 0952 27 KB
28 KB 115ms
39ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0952 7 KB
7 KB 133ms
38ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=504&s=D-mF6hKwm0qUlh7xvyYZwpBQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3f92b60402d96c032768de952345a732034e540494cf667d9240370f7efa6ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29144832
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7086
expires: Sun, 29 Oct 2023 08:34:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0952 0
128 B 139ms
39ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TgkGMoaZXyHY-mcRMEqJIZQ_zRprRH_U0K7WWmvV0jcSMFfIOg-Yc357bmN0NlnVzXeip3KKukMuOmqsnOyyc1UB4v2pZvRd_EpKlTSWUBpAgTF-j6tzUq6xPb7VuSfpYMq5VlI7xa4R_JFCm6BFSHqA7mzbauv43dc6AqQ_qfY5AXaOtS6UzAxv1ixHWU8G24eCcQh7v2iUCWVkmz9bwmx0nq7T8S_N-3V2P4ci3JDM89wrxxsgMtZmqg0zIEpQ5ycYzQ&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0952 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0952 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:15 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame BCBF 4 KB
636 B 145ms
56ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 00:18:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 00:47:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCBF 205 B
742 B 138ms
43ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:50:10 GMT
x-content-type-options: nosniff
age: 3425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Nov 2023 23:50:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCBF 604 B
694 B 139ms
44ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:58:43 GMT
x-content-type-options: nosniff
age: 2913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Nov 2023 23:58:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame BCBF 19 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 11:55:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C72 0
0 90ms
90ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc6rhE2KBY9CJCY617_UP0ZSuqAXkj9KxXOeR4oiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEtgFP0KpXVj2x2mahtd605N0S5P7UH4MfPKWZxkYB5yW5Wx1LfAPfcILASwWvvKwyB3h1J1y_YwJUXSIp1qpp2BhHMArodLPf_SbFAabyfnQ94Cv93Ly0DGSZK8Cv-TKjk6SYO1flfcX7OuSFmRpTsrDOR2S3Sn23ARilwpkM_dlHhKxGpT5dLKjw1P1oDa8ln1v1kFL5gUP2BGaqFnkh1wvZ2KHPotV2VWdflEs36BUfYEPF4KUk3IAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTAzNDg4OTU0OTkxNDkwGAA&sigh=iG1xesbNjsw&uach_m=[UACH]&cid=CAQSGwDq26N9qpgOhTfWXyksg2lEA7n1GSr2TjkfIxgBIBM

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 00:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2C72 0
0 140ms
39ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ktnxE7_6RO0HfIf6VxgCAAAAqD5yz80wu4SWujX4EBJigWMFVi2ieYB1wZ-PkgASAAA&wp=Y4FiEwACRNAIu9qOAAuKUfZ5WGBaRKZ_Q4Wshw

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 308171
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1DAC 180 KB
55 KB 126ms
125ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4FiEwACRNAIu9qOAAuKUfZ5WGBaRKZ_Q4Wshw&u=%7CGvkPb%2Bu%2FDAtG%2B7%2Fmsp8IjpM4SNmNuUFjKxzjvLZ6rUo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RxwjSy8CuKuElHYFyvn63a_dIUoRWUI2GpvG1RqMB7yjmVT2T11hDQJdBF_5rIgGPIG3BeddC9d6V6Z2-oiBpfgjWH5T_-xbRCZnYxQmNpw1Ddn4ciKZkDXTY1Qe4zEymZJ7p1I0Pxo-Up-fwYQjmBhNiXzu8VH6vrVT-57tAKeRcp8QP4qbVDQ41p7qlJFVWcIyGje8_dt4E1TAhg4mVF9bvTJ_83ObF4KUtgk9H9F3qlZJaG4zIKak3Oft8OFBijzrXmGmxmMz6Bakr6Z4KJ9b-ybU0nPiydLf5TkWm7KqMrgK05fmpXWoDoI08399XhjfPQFqrJrKNX2eM1RdWLLKlhZiNvPqfx74IiOT_z2_jjlQ1RvsLHRz95cBvpdoQRDDPQiplQ0ZW2v75bX1WKYNA3Hu3_QdT58FCWVoxVtQ3CO0fYulWlbq9KHftE0kGswMTaRJwclYTrpBdoujsMtxqiOntJjA4dj_VsSnteVsKIy9mL9bwVnqWstloPZos4b8Xfl4AWRDrqvCLqIhj56SsfL0i-EB6-R68t0rRpLqP-2iPf2OEvdKQmnLO0ElbcZq8FyvYqCg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXctgE2KBY9CJCY617_UP0ZSuqAXkj9KxXOeR4oiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEuQFP0KpXVj2x2mahtd605N0S5P7UH4MfPKWZxkYB5yW5Wx1LfAPfcILASwWvvKwyB3h1J1y_YwJUXSIp1qpp2BhHMArodLPf_SbFAabyfnQ94Cv93Ly0DGSZK8Cv-TKjk6SYO1flfcX7OuSFmRpTsrDOR2S3Sn23ARilwpkM_dlHhKxGpT5dLKjw1P1oDa8ln1u3knNrUuEEAfVYGeGis5dy27XFHt9YTbzRDy-rSaoBTFsUZ08hT_ffXYAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0D3yfuguzxzbbtrcSBrWJP7E9BjQ%26client%3Dca-pub-6503488954991490%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fef0affa6c8b20e485d3651323f3217f12aa7b190262517c2429bcaf48f2859d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XC_3ooaZXyHY-mcRUW8hWZvpevzTv6DljyigGPeqqKqHCxutfntxo_J52bimdWUF2nuLMuTadGCHmWj8UYM3W-A-CVouU5nHOjbxecj_GR78Y0wTk-x0tGZfJWSj7PUn8kjoL_IMXWEjmM2-2OvNLSTrRnxzaZJNRVi1vBkhaxUs4sHC0Oh7xXLapkY2NU6VOfKsNc25D-mGF8-I9dY7FJ8XPK3cvGsBsUiyenpUigrrEx9zP7vagRKIGVGrk2wqiLYPdQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 85576886
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2C72 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 20:17:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2C72 18 KB
7 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C72 154 KB
47 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 717D 22 KB
8 KB 45ms
44ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 44604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2C72 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d89bd3c368e6b0f67dec73a6deabcf1db848d10d528b06904709280adb429cfd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame E984
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/572802/66746211/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fukr-mova.in.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fukr-mova.in.ua%2F&adsafe_ty...
https://www.googletagservices.com/dcm/dcmads.js

28 KB
11 KB

45ms
45ms

Script
text/javascript

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 26 Nov 2022 01:26:07 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 714B 91 KB
23 KB 177ms
51ms Script
application/javascript 2600:9000:21f3:e800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 949376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: UlRz9ltTuqY3XlrA4Q1auxdLOeYWiJJ-mjShIUkwgxWLcEAiXkCjNA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
216 B 350ms
107ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UORB,pingTime:-3,time:63,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,rmeas:1,rend:0,renddet:svg.us,siq:22%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
215 B 348ms
108ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UORC,pingTime:-6,time:64,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,rmeas:1,rend:0,renddet:svg.us,siq:22%7D&tpiLookup=ao:ukr-mova.in.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1DAC 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4FiEwACRNAIu9qOAAuKUfZ5WGBaRKZ_Q4Wshw&u=%7CGvkPb%2Bu%2FDAtG%2B7%2Fmsp8IjpM4SNmNuUFjKxzjvLZ6rUo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RxwjSy8CuKuElHYFyvn63a_dIUoRWUI2GpvG1RqMB7yjmVT2T11hDQJdBF_5rIgGPIG3BeddC9d6V6Z2-oiBpfgjWH5T_-xbRCZnYxQmNpw1Ddn4ciKZkDXTY1Qe4zEymZJ7p1I0Pxo-Up-fwYQjmBhNiXzu8VH6vrVT-57tAKeRcp8QP4qbVDQ41p7qlJFVWcIyGje8_dt4E1TAhg4mVF9bvTJ_83ObF4KUtgk9H9F3qlZJaG4zIKak3Oft8OFBijzrXmGmxmMz6Bakr6Z4KJ9b-ybU0nPiydLf5TkWm7KqMrgK05fmpXWoDoI08399XhjfPQFqrJrKNX2eM1RdWLLKlhZiNvPqfx74IiOT_z2_jjlQ1RvsLHRz95cBvpdoQRDDPQiplQ0ZW2v75bX1WKYNA3Hu3_QdT58FCWVoxVtQ3CO0fYulWlbq9KHftE0kGswMTaRJwclYTrpBdoujsMtxqiOntJjA4dj_VsSnteVsKIy9mL9bwVnqWstloPZos4b8Xfl4AWRDrqvCLqIhj56SsfL0i-EB6-R68t0rRpLqP-2iPf2OEvdKQmnLO0ElbcZq8FyvYqCg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXctgE2KBY9CJCY617_UP0ZSuqAXkj9KxXOeR4oiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqQIAb2bCUEu0PqgDAaoEuQFP0KpXVj2x2mahtd605N0S5P7UH4MfPKWZxkYB5yW5Wx1LfAPfcILASwWvvKwyB3h1J1y_YwJUXSIp1qpp2BhHMArodLPf_SbFAabyfnQ94Cv93Ly0DGSZK8Cv-TKjk6SYO1flfcX7OuSFmRpTsrDOR2S3Sn23ARilwpkM_dlHhKxGpT5dLKjw1P1oDa8ln1u3knNrUuEEAfVYGeGis5dy27XFHt9YTbzRDy-rSaoBTFsUZ08hT_ffXYAGr73cofum_qotoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0D3yfuguzxzbbtrcSBrWJP7E9BjQ%26client%3Dca-pub-6503488954991490%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1DAC 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1DAC 308 B
636 B 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1DAC 293 B
621 B 39ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1DAC 43 B
347 B 43ms
43ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=x9yglWt-X4TdgcVHIDlVGr4YfPHz3gbGoffGe33xJZXVr6aB0P1Xs9Ge0ScawSk8iWRrrFE8w1Y52yVMv2ExWjpxVfHpT1tefBRj8ijTYrRgpl7BYjWyGraHY7HmUdHOBjmoijUOw5vxLzT0gqABg3Jl0dr3kwGYY090lZiyHNFMNVFZ3R5UUQ4t6JLIgAmN08pkVwlsAPLzYcG2gK-O-F04Irk18xVkb_EyrBvpZpcH7odHe7enJvjQy9rfRLarcIsWp5k3JXqvkDlkvcZiE8gsqC4RI_tA4MLyAgp_7rs38hiuDpYAgG9x7-YOTBNSSWMC2PbA1X3Nb39VcYpJvCqnUdUSebK3wLGt7rzEdgjK8LFDqj9E0-Vkzd-2K8sFKfwSyYRBH7afQkJ0hOc5KdNviHiXz5qRln1pEWVXLhHbD2fY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4001774
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
215 B 301ms
108ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UOSq,pingTime:-2,time:114,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:10,mdZ:249,beA:262,beZ:264,mfA:265,cmA:266,inA:266,inZ:270,prA:270,prZ:277,si:283,poA:284,poZ:306,cmZ:306,mfZ:306,loA:326,loZ:329,ltA:375,ltZ:375%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:22,sinceFw:90,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 717D 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:05:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9B5E 8 KB
895 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 23:30:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 00:47:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9B5E 2 KB
765 B 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9B5E 23 KB
9 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9B5E 3 KB
1 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 20:17:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9B5E 18 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B5E 154 KB
47 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:16 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 9B5E 34 KB
14 KB 132ms
44ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 01:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 01:40:14 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1DAC 12 KB
5 KB 74ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 273104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7H8KcZdvD%2FMIBHDX8dMnUtJDER9d9PzYZLLCr8XdlsG1drIZVVg2JYBiPzz%2BsuRePca8i1UBYOl40AKxUTkSsKLWxCN%2F8WKogTkQDp0NCGm98URuM3ydXjuwJRE1U6gbgrA3vXrKf0qFHvt2yyp4SJM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76fe9c9e1b3176e9-LHR
expires: Thu, 16 Nov 2023 00:47:16 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1DAC 12 KB
6 KB 38ms
37ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 1DAC 27 KB
28 KB 40ms
40ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1DAC 6 KB
7 KB 38ms
38ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=464&s=HqB8SHInlVnojEpldBMW-e97

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

10cf563bf80b480e21ddbd0d28c1eb2a1ff82adee85bb9e9f41159fc4550af57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29144832
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6614
expires: Sun, 29 Oct 2023 08:34:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1DAC 0
127 B 39ms
39ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=XC_3ooaZXyHY-mcRUW8hWZvpevzTv6DljyigGPeqqKqHCxutfntxo_J52bimdWUF2nuLMuTadGCHmWj8UYM3W-A-CVouU5nHOjbxecj_GR78Y0wTk-x0tGZfJWSj7PUn8kjoL_IMXWEjmM2-2OvNLSTrRnxzaZJNRVi1vBkhaxUs4sHC0Oh7xXLapkY2NU6VOfKsNc25D-mGF8-I9dY7FJ8XPK3cvGsBsUiyenpUigrrEx9zP7vagRKIGVGrk2wqiLYPdQ&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 00:47:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1DAC 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1DAC 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 00:47:16 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame E984 60 KB
23 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/572802/66746211/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fukr-mova.in.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fukr-mova.in.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6503488954991490%26output%3Dhtml%26h%3D280%26slotname%3D5558448768%26adk%3D2712173870%26adf%3D1733808768%26pi%3Dt.ma~as.5558448768%26w%3D373%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1669423635%26rafmt%3D1%26format%3D373x280%26url%3Dhttps%253A%252F%252Fukr-mova.in.ua%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1669423634717%26bpp%3D1%26bdt%3D525%26idt%3D313%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1124x280%26nras%3D1%26correlator%3D4820022543065%26frm%3D20%26pv%3D1%26ga_vid%3D174118585.1669423634%26ga_sid%3D1669423635%26ga_hid%3D246295695%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D951%26ady%3D1041%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531705%252C31070969%252C44770880%252C44774606%26oid%3D2%26pvsid%3D2772225141267410%26tmod%3D1178307077%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DKQJLT50Sd7%26p%3Dhttps%253A%2F%2Fukr-mova.in.ua%26dtd%3D316&adsafe_type=bed&adsafe_jsinfo=,id:dca98d42-dbd1-c246-cc05-bdc59c2fc077,c:v1UOQV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-b5w7w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:df6fea52-6d23-11ed-ba28-02de7fa72835,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 01:33:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB30 143 B
166 B 45ms
45ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B28020909.350557476;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;liid=18702611663;dc_adk=497053797;ord=ryhmgn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG_0zE2K... Show response
ad.doubleclick.net/ddm/adi/N6602.3623628HPH_UK_6602/ Frame A597 61 KB
29 KB 206ms
93ms Document
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N6602.3623628HPH_UK_6602/B28020909.350557476;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;liid=18702611663;dc_adk=497053797;ord=ryhmgn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG_0zE2KBY632CKCz9u8P-f-FmAPmtqnNbaS1loLjEL2x4abhNhABIO2KqCdgu4aAgNAKyAEJqQLroNdKbkm0PqgDAaoE5wFP0J9JLLzn412uP6bdTYwtkxsUhg29Cee1cvQgRZ150n9dR56xMpJ4ZB_MRh1qkHeLDCXC9MkCxbq3pebPddszoUd51qjvsYkOBCJG1-VgoY7tm648_0diH7rrRlEb1-iRhHXGNXmW4qHnqGtJpEY8TEEx-4NZ4nK1XflkakpqsXt-e5SI0l0Hs5cTZBHs_nMcmYoPCo14DZWQ9OxLHOoHUXPhfzPBbbEF1KMbi2POOqHv6p0KYhTeXARWPg4FdnjYYMA8iLPKI_ZUo2fkmAGZ-SNXy6PZfjRmVqU9_NELR_7dj0ZQSjLABNb364mPBOAEA5AGAaAGTYAH_d_X6wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE_KrqBHQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM%26sig%3DAOD64_28MI8Zd2IGn_oo4qP3j4Rcmso86A%26client%3Dca-pub-6503488954991490%26dbm_c%3DAKAmf-BfHM4iTVzzmKyROQ__JyLbs4RPCMDGNfpfTTm9roSGqhIDSDOCZArowrk8brd8TKKKIZMJ6KbiyyWL_LSHPeUubUx9p9T2fYvjYhovXb7HmrmsYCuTTc_8oBPsM9wNoJcrHmSaumCayQuXguWtGrChDqB04ntZRngn60rc5WiWfr2e2G4%26cry%3D1%26dbm_d%3DAKAmf-C_vFgunW5P1IxBg5J52tTPJPxkZ3MyMBVO26GlXi7opm0L1YS3E166TrbjquaSVEsjhCVbCStvOleDPmuaR8lPC1KsLpNpFBbIOPqPBsH8G4wDkJLSRZRBfBhRynM7FLFzdSkCIeXenH3gb3SlEqcxptdPySx85PdF71NEIJLzJJXuV2eexrCAKJIWao1FNzwixzXEufAlcNL6qyOdpW-ncMQxXD8O7nAlYlMclZyW6P6fbj8qqZ3XjDcRTsQfboqbu-OzLr--8QOaEMd2CkGNP9VzblVVoMjKoDuUkOZjEr-Zy0bKspJ9-i2zIAf_QYNys1vbvbMJSCRSxJtqkVIe2mvD3piz8prGeA6_yJiLjBQTTraP4jC5rw6NsiB9igZF4yyiq3SUHXRvjO6Oo6WkOjoOp4x01cm0aXLV77T-btA6BzEdyOK9SlNLsWgSqvLyNBQA3LvREP4h8xZiql_eBfiQ-1WtjyOepxrLlipTn7Hy4w4wE-4PhOGq_Pf_eWMiXlKLbAA11O8VECFCIewiT-3jn0XGuSf6PCaHI_TzlcFCzVw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fukr-mova.in.ua%2F$0;xdt=1;crlt=2vwhBUddTf;stc=1;chaa=1;sttr=170;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

d116bea2c0d82272c2b7570cab28f17603eb21e3151ed73a6eb582f6e7fc0d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29656
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E984 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0f67b2b9e0c144fd1ace499ac378392392140c49dab5ee2c31e03a34eff9084

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 w_shown Show response
sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/ 39 B
520 B 157ms
156ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/w_shown?src_story=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=dvyou57n3eqd1gil

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
access-control-allow-credentials: true
cf-ray: 76fe9ca0bf2988bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

POST
H3 200 w_visible Show response
sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/ 39 B
520 B 153ms
153ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/w_visible?src_story=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=dvyou57n3eqd1gil

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
access-control-allow-credentials: true
cf-ray: 76fe9ca0cf2e88bf-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 w_shown
sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/ Frame 0
0 135ms
135ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/w_shown?src_story=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=dvyou57n3eqd1gil

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76fe9c9fef3edcd7-LHR
date: Sat, 26 Nov 2022 00:47:16 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

OPTIONS
H3 200 w_visible
sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/ Frame 0
0 141ms
141ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/event/700/1981/w_visible?src_story=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=dvyou57n3eqd1gil

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76fe9c9fef3fdcd7-LHR
date: Sat, 26 Nov 2022 00:47:16 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
58ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:16 GMT
expires: Sat, 26 Nov 2022 00:47:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 78BA 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:05:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UOZp,time:547,type:e,im:%7Bimprf:%7Bttecl:521,ecd:141,tsecr:106%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:547,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B541~0%5D,as:%5B541~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:378,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,rmeas:1,rend:0,renddet:INS,siq:22,sis:269%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 717D 0
20 B 82ms
82ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9Y7BE2KBY6OGLfXpx_APyY28CAAAAAA4AeAEAg&bg=!XV6lXhrNAAbvMpMzzzI7ACkAdvg8WgmTmVbwlIKbCVB8ZfmN7JVKpZqZPFK5mPO5GOR43c4kyXDI_wIAAADtUgAAAAJoAQeZAuUfMaSeVFQsfAcKK5YqOGu3lnHQFDXG30JDk5pLdRDc5mKv4FieHFP8JEa1wwI9T38YJgDVsMQtjcvZADPSGndZI4SlY9aeS07RxDMQFUwqoRyegkv7CnetIaMr0Nn-xVvqCTTdgmxCs7v74QwWNNCONwjNA-WRBrNfBdq7JE0Nrg8H09rLIpynviTSm1Hw7FqPQXRNLMCHd7aCiJe-A3rJhl12n1UXGDafWznBj9_00EJEub1JWZs2DqQNQCcGKgd7s8rK2VOTZCV3zZEbD358Vn4GQCrkQCb0TtcEv46FKcMq_r-n5um4EgumYqOFCA2Q7Wgu1Ur_Sz2-96oAkv9jWMAYoXpXB_G6grXSi5xNlfH-tK5nCq2BFGwPJFGUTnbNlKZP86P-i2acN-y8_vP4FXFz13Y1LC2u9-kmEF5wu_o0528OXH4CZeg91oNuId3dDZZZo-ZQ_mDAJC01SbECTznK0odoxO8VGt2Hc-FCBGZ-QQ8UALOQ7quwDcdGqcEC_IyC5EgVXuPrLkGZXa2q3Bz9LRJUpoNyddU_iONTtUTFTJT7PYWnjfnaF6N-cnlwbms-0uxskKrka-lX-j8WdAaHwqIw9KIJI7VskSAiJ_9N9F7AEUQa0XhKUf71nE1aXeVWpbfbMFIKDKXCCbXAKQM5rRPoqJ9TjwZmecXJYCk5G6RuJaZlkc2k7PQFmTBa7koa7WKamt17J3POnCaFPRdU-Gh9Tntfzi9oYfrHUkh7uJztXLSyuoYR8SZCnyXj45Gyux1QO0qfn_NJJH43mYX0J-XNrW2oybgwG9p0KdxBBfkQb5x8Gxj2WuRlzICr05VBMSzWos687imtpv_NCF3fQn116MfYWFskJce221qFLXI_LVmKjO_U8uk6GmA-YGeHA1qkZmaBaSoKb9LwP8B-LHueBazfYHrUZ5XNnxYWldbtt22IonGBzqKBTcQkZWOsD-7o_g3igx8ZkpZ4mjvJSb0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
215 B 108ms
107ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UP1a,pingTime:-10,time:657,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669423636612%7C%7Cfc980d726c6092ed6aa1c4c6be15aa25%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C378ffe2bc00209f93f5e42294780b2a5%7C%7C953ed1dfd80a697bd9e2a27907c4d91c%7C%7C47e62ac06866ec366206cdd7db578527%7C%7C714393aff56d5ddcff63444cc9af1e52%7C%7C5f2cfe5f1478c6dba4ab2bfecaddfd44%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame A597 8 KB
3 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6602.3623628HPH_UK_6602/B28020909.350557476;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;liid=18702611663;dc_adk=497053797;ord=ryhmgn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCG_0zE2KBY632CKCz9u8P-f-FmAPmtqnNbaS1loLjEL2x4abhNhABIO2KqCdgu4aAgNAKyAEJqQLroNdKbkm0PqgDAaoE5wFP0J9JLLzn412uP6bdTYwtkxsUhg29Cee1cvQgRZ150n9dR56xMpJ4ZB_MRh1qkHeLDCXC9MkCxbq3pebPddszoUd51qjvsYkOBCJG1-VgoY7tm648_0diH7rrRlEb1-iRhHXGNXmW4qHnqGtJpEY8TEEx-4NZ4nK1XflkakpqsXt-e5SI0l0Hs5cTZBHs_nMcmYoPCo14DZWQ9OxLHOoHUXPhfzPBbbEF1KMbi2POOqHv6p0KYhTeXARWPg4FdnjYYMA8iLPKI_ZUo2fkmAGZ-SNXy6PZfjRmVqU9_NELR_7dj0ZQSjLABNb364mPBOAEA5AGAaAGTYAH_d_X6wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE_KrqBHQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM%26sig%3DAOD64_28MI8Zd2IGn_oo4qP3j4Rcmso86A%26client%3Dca-pub-6503488954991490%26dbm_c%3DAKAmf-BfHM4iTVzzmKyROQ__JyLbs4RPCMDGNfpfTTm9roSGqhIDSDOCZArowrk8brd8TKKKIZMJ6KbiyyWL_LSHPeUubUx9p9T2fYvjYhovXb7HmrmsYCuTTc_8oBPsM9wNoJcrHmSaumCayQuXguWtGrChDqB04ntZRngn60rc5WiWfr2e2G4%26cry%3D1%26dbm_d%3DAKAmf-C_vFgunW5P1IxBg5J52tTPJPxkZ3MyMBVO26GlXi7opm0L1YS3E166TrbjquaSVEsjhCVbCStvOleDPmuaR8lPC1KsLpNpFBbIOPqPBsH8G4wDkJLSRZRBfBhRynM7FLFzdSkCIeXenH3gb3SlEqcxptdPySx85PdF71NEIJLzJJXuV2eexrCAKJIWao1FNzwixzXEufAlcNL6qyOdpW-ncMQxXD8O7nAlYlMclZyW6P6fbj8qqZ3XjDcRTsQfboqbu-OzLr--8QOaEMd2CkGNP9VzblVVoMjKoDuUkOZjEr-Zy0bKspJ9-i2zIAf_QYNys1vbvbMJSCRSxJtqkVIe2mvD3piz8prGeA6_yJiLjBQTTraP4jC5rw6NsiB9igZF4yyiq3SUHXRvjO6Oo6WkOjoOp4x01cm0aXLV77T-btA6BzEdyOK9SlNLsWgSqvLyNBQA3LvREP4h8xZiql_eBfiQ-1WtjyOepxrLlipTn7Hy4w4wE-4PhOGq_Pf_eWMiXlKLbAA11O8VECFCIewiT-3jn0XGuSf6PCaHI_TzlcFCzVw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fukr-mova.in.ua%2F$0;xdt=1;crlt=2vwhBUddTf;stc=1;chaa=1;sttr=170;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 16:31:11 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A597 170 KB
59 KB 165ms
45ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 10:22:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A597 41 KB
15 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9DEB 22 KB
8 KB 47ms
46ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 44605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6175 42 B
64 B 169ms
79ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwl_M0shNLkhQEvR_BDEfo4ncJmOhCSODXwNOw-nrBACRMiSftVCPjt4aatZjeAchmb4x-4I5K2WP46O6sidAbLXgc&sig=Cg0ArKJSzNBHdq4SGrCMEAE&id=lidar2&mcvt=1018&p=0,0,280,1124&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=829229000&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669423635028&rpt=726&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DEB 36 KB
16 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 20:11:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A597 154 KB
47 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:16 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 3 KB
670 B 143ms
53ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b58b3c3bba92a7c518181db5992d9265d4f1bc29104e5057c7fa0eeaf89c219e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 642
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:17 GMT
expires: Sun, 26 Nov 2023 00:47:17 GMT
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A597 0
0 205ms
82ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXBIZg0wIzD5YeIQT6G843oNFuTB--hQgCZoL3Z7C0AwUa-PQxkaFujv9QxtElh_w6GO3g8eH-gtQjwFQB3He0MF4aq7E4eZZvLM0Mdu-bG73I7SyKrNx__44NlQ3MTlFfMr1zpM4gnk8nXFNK4DTifM4Q_qPIeCRZ&sai=AMfl-YSdYa8IHQqhwsm806bZRouWtTSTToT3U9A11lohmXk-k7d75nb6RC__7U8YI6P7HDYtUaK_O8fCCZWf5kW5RIphbKkhfaiFaQ8KEEyB&sig=Cg0ArKJSzPyGdNAarRvAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=265&cbvp=1&cstd=259&cisv=r20221110.11402&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 00:47:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0952 0
127 B 40ms
40ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 00:47:16 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DEB 0
20 B 82ms
81ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2uofFGKBY6ufIfbB9u8PheOk8AEAAAAAOAHgBAI&bg=!fX6lfjrNAAbvMpMzzzI7ACkAdvg8Wpvl_X9hFRK9eKC0AQxoSwQR6NfJgCGluvNL-Opmrtl2ZZlO4gIAAABqUgAAAAJoAQcKAGm1TFVodnyNq9euVWQzGBLVSA-INJ8czWqdrlq0PZnIMS5ZZBzlSaXD72AO94xLSmkkJYXtzVlUZBzL5Y8UYcdX0kmpy4NndBorzvvNIGJ0JxgkV4F-w6yDKmr70c_qmio-XJqw_dg-uBaZAvtaQRRkO_7nxgo0sptcu6al9k0AJYu3vbqkwCVGgbIee--FgHVjUPCxxxyWgqsoMGuthJ-ord73nlYKO5vLonzYcwZ-a68lUDzqL-O3owhANNYmuPDbq6MKnQML7yqnjO_YKlPYAXGsssXKiCw_JDjvjNyed_9WMg3PHVvK2yTxgX55tS6-uABS5hcJbI4c_2ktXv-3Z7mojRd5JgQMHk8vH4gFfxCXgWrYxtdcPhZVj-lvS0Hg4z0EohyVNIPG5AsXyh6mSTohgKG4588p0RQWT_DAmwf-mc4W-JA5bWkoiPcU7B9PjqkKApocrny8vaVcd9OGA_ioCfyrTErN7vFaC_DtB-6dVFAerCdbHPl9hn3PHmAyFGN0-ElSk0bDvkltysaiIUtDl8cBki_lhRE6YbAEwT8V9qgNDWVY0Wni-wz52Hoxw8XahEVTQkbLkkBpKCVV8xaf60SqFErkd7qI8EyjVOOv9qDaK0QrmFzTx2jCwRqfLaAbhlFxwK-veKWLv52-SMbIWo-EsCOhIq-H_JLHr19geUNRNBaQF4UdZ7U-cqrfBb2091BJxg-U2eXKYaBQLRoCudmKspTSn6zIAMccEH9EXKq_jmGpjK4w3NtAGS3iLIp92_2QUecgOheDpXocWKZqNYvdZtCwJ5CUdp8R-cZb6xYVPSJ2ZhmSJ_7Ttwkt_3W_x0SwgLSnqNWQo5wZtw_ZIMEkzN7__YX9K0vzRl1EW8iKODq3Pw1WyAMyJSEKyWrsMDti0W_8HuZscPr_6Bkx5sYugaQsFUHItyq9pbcUMU1K0r0x6ADdJpc9X6nRJuJ6BIuTgh9JjfAH9PnrnD54PC3y4Ec79GAshu4yT6OVDJP7TMtgu_mB4tvrdIG6l-EcShh3K0l8Dgl-x68dXMqcnxFRdZQiTL2eopkU028tberMZfy7wzzizGM3KItfVxeqsg-MbiikYO8_BzRaWW40T-A9HZid90FaTHWCS5sT96ytf2k_Hd6QKHeQg2XQ-gLEe7Dv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 3 KB
992 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24b591ec8748237b9d3af16fa0256f322abc52de107ed4d2ff285198c3db141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:54 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4929 118 KB
40 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 06:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 06:28:55 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4929 60 KB
24 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 00:47:17 GMT

GET
H3 200 pa.js Show response
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 4 KB
1 KB 46ms
46ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/pa.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1443
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:54 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 11 KB
2 KB 46ms
45ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777580ef0c97a6c8d8780e94681ed0386b888e353ddc88f750d63e58c12f91b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2404
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:54 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UP8h,time:1097,type:e,im:%7Bpci:%7Btdr:1039%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1097,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1091~0%5D,as:%5B1091~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:111,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:269%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634717&bpp=1&bdt=525&idt=313&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KQJLT50Sd7&p=https%3A//ukr-mova.in.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:17 GMT
server: nginx
x-server-name: dt45.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A597 0
0 172ms
82ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXBIZg0wIzD5YeIQT6G843oNFuTB--hQgCZoL3Z7C0AwUa-PQxkaFujv9QxtElh_w6GO3g8eH-gtQjwFQB3He0MF4aq7E4eZZvLM0Mdu-bG73I7SyKrNx__44NlQ3MTlFfMr1zpM4gnk8nXFNK4DTifM4Q_qPIeCRZ&sai=AMfl-YSdYa8IHQqhwsm806bZRouWtTSTToT3U9A11lohmXk-k7d75nb6RC__7U8YI6P7HDYtUaK_O8fCCZWf5kW5RIphbKkhfaiFaQ8KEEyB&sig=Cg0ArKJSzPyGdNAarRvAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=527&vt=11&dtpt=262&dett=3&cstd=259&cisv=r20221110.11402&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 00:47:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
61ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62b7f62e450e13ff4f264e69779817a7ef3917cf53e87e7e7f02cfb197758766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11323
x-xss-protection: 0

GET
H3 200 PoppinsB.woff
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 71 KB
71 KB 45ms
44ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/PoppinsB.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cce917271d9cf7f37d43618bc6c884847c3bb9bdb0fdd4d4a06e305171b53bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:54 GMT
x-content-type-options: nosniff
age: 367163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72548
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:54 GMT

GET
H3 200 Poppins.woff
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 72 KB
72 KB 51ms
50ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/Poppins.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1264548678715047936/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d205c202c811f9c82aa8878901757b7a683312bea86ec90d2b1ecdc13424c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:55 GMT
x-content-type-options: nosniff
age: 367162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73600
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4929 7 KB
6 KB 57ms
56ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3fe7ef04a64921cea7d0130069e70f121140479246d76883ab9220675554e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5783
x-xss-protection: 0

GET
H3 404 300x250_Clean.jpg
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 43 B
64 B 486ms
485ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/300x250_Clean.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 26 Nov 2022 00:47:17 GMT

GET
H3 200 Stamp.png
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 20 KB
20 KB 94ms
93ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/Stamp.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530c1c06b031a4ce181489ab230b9c35e4682ba62257e3401facc6dcef0ea86e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:55 GMT
x-content-type-options: nosniff
age: 367162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20916
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:55 GMT

GET
H3 200 60029391_20221020032802880_Less_thing_worry.png
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 4929 52 KB
52 KB 132ms
131ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20221020032802880_Less_thing_worry.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aab966befbb839dd5db784282462dec9e78e6e24c3cdce912620c27beca6aefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52820
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 00:47:17 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 13 KB
13 KB 99ms
98ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/CTA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e84783a01d094815eb27bd472410803d680411c21ce8a322fabbd80f2f40b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:55 GMT
x-content-type-options: nosniff
age: 367162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13359
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:55 GMT

GET
H3 200 Uswitch-logo.png
s0.2mdn.net/sadbundle/1264548678715047936/ Frame 4929 10 KB
10 KB 102ms
101ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1264548678715047936/Uswitch-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7fe377178210ee7b1554fd6a008c3d61dfd48534aa2e817601f0e1c2a3d064c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1264548678715047936/index.html?e=69&leftOffset=0&topOffset=0&c=mMg4CAVr1X&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:55 GMT
x-content-type-options: nosniff
age: 367162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10712
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:02:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Nov 2023 18:47:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C72 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSORgeG3-W9uZrGmI2QwIbBcbUzqldYB2aMugN_sC1nU_eOhzhVsWzm2-jHiooh6XKjqRMC9Ki_iiu3Sq9D1orCmpe&sig=Cg0ArKJSzBl2kkFE1fZzEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=137,785,1000,1147,1179&tos=137,648,215,147,32&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669423635800&rpt=250&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4929 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:47:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC23 13 KB
5 KB 46ms
44ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 23:45:13 GMT
expires: Sat, 25 Nov 2023 23:45:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0723 783 B
536 B 155ms
63ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3e85636d776bdf7a54b10b375284f34c2584e061f13e3103d4cc038a3133b0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6cJ9UlH221ZgpI-RnvRKDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6cJ9UlH221ZgpI-RnvRKDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 00:47:17 GMT
expires: Sat, 26 Nov 2022 00:47:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame DC23 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:05:35 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame E448 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:05:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E984 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2Ae9EM5HlseBkEEL5o10aReLYhM3y7TBR-oHF4_b0CE3gTCb2CCc5j8MKznmC1J_DMSgIB5cbFCmpRs-gBnd3nmE96qzJ6P1Qu0uv5KkNIZx1p1Cz3woF-v1r&sai=AMfl-YQ60byaBo59zCEUN832-nRR8bEx_yHlrGIv7kszIgh4rUS14W78__SNlitz3qMsQPgh7PyIN02BC1TD2og&sig=Cg0ArKJSzCUqjQGqfXo8EAE&cid=CAQSGwDq26N9OHTo2eVjWdc8lTf2YYh8BdYEbMthkhgBIBM&id=lidar2&mcvt=1017&p=0,0,254,300&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.63&if=1&app=0&itpl=20&adk=2712173870&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669423635695&rpt=720&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0723 0
0 79ms
79ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2772225141267410&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC23 0
10 B 46ms
45ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qXcX7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:47:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A597 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuca2Ab0plSuoXpFHhL_RZRLLueswkjhuhMffrP_SFTsQKIV_iCSZdnjxwYXNNhr6Bpn7xrupsiirUWUyLb34NMQ70EMOGC-ec&sig=Cg0ArKJSzPVyW4zHkEadEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=34&adk=497053797&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669423636400&rpt=597&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1DAC 0
127 B 40ms
40ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 00:47:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2772225141267410&bg=!j4yljMjNAAbvMpMzzzI7ACkAdvg8Wn4hwjhizhXUUREv91LFvJXJyX0AjVk82fWfHctfL1wEUvXqyQIAAACJUgAAAAJoAQcKALgWJCRUbioU7sWVCizwEqR8jzyde7fqK7d02aFZ6JCu85r6YO4QIXfB9zsFzSYSO0cgpjDv-csUXsibSo_G-6nWwA9S-bpqqxFcEsxxegXvHYqzkCEJ3HA330j9nWzWKylfoGmHWUBHN0w97m3S0M8Ai-ndEVQmOHMFCvMluO-JL2dsmxk2OJ8qaRDbvQrbaQxGOYMjREL317v6agrgQhJjkXXS9Qc1QVohAB1OCaEL1DeGG-TRowT8mQKWjS-eMPj0RxOsfv5H9Bq6uy-j2gd-_MfSfTnfCRf3BkpC8S9xnZVCDqOpUoHHgoE-K9duz6ftHUb4UcAXhGI4ckEiqYN_PEaAY3kENu_abtHCg_av-VPLoEtPk8xLtaXfmUoiF0LBvmc4qk3KHFimzyGJcWM5QlAC8PBE7gWiTAqX_cQOk5ei9hszKBlA2NDiuu7BRYIsqb0mgjAHw8FGIziqmmaCXaNjIKyLlvmlOwCSaufqXbitBP2WPEnPyLavc47a9oEej3V7MzTHqX_SVRoYdpH2UvUtBmDubEoSYe2CGMSvAIZMMlidREBCmovy86VTDgzpRHgC3m8bE9EYOlNYHAOIin3p7nZ43l743EuCQpVhhliTZHPOnydSHtoxW0oRNmi3ZWQVEw5hSVBzlEkije9iONNQnyTAGZjDCybQiVhyK9BFPALVJvmdAnmSrx4v6m016cBcKtj1VF5TDUJgQmZ4lFZKXFbjy72QNblT_4CmKqYRilLX5XOpF2WF8SBYYH5UmFHQpFiXR6fPw4mxsKFyVKuBNATfM2Dd6YfYHpYGMw4GcVcEPk9aATw9QXAvOFtx6Ny06AfLm-gPQsB_SqII36C0cbSy5o8e6-64PmxeaHPsqYNsDQFIv0hEwrreiLjjx7tewlVzlcHk7WTVbDd2ESIa7jPm1jPRjImF9g6Mtlqdfn4a_l9mFKWGDNES5oai3yVKVGUDvpEqc9mj0180zJ_2qZZ8VR2rM125ZRTOiCUZ4YVG1-MeKNDAqQbgCbAGulneZRP599t9M4dfOecmXEz2K00sSRQ9b5bx3EjTCkMc7Qkpl3GBByveozT6a9jLUNgo0aErW8NNu0LZ1ioKObsa6pPKlJ75HRHtjobcTE8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E984 43 B
215 B 109ms
108ms Image
image/gif 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=572802&asId=dca98d42-dbd1-c246-cc05-bdc59c2fc077&tv=%7Bc:v1UPwL,pingTime:1,time:2615,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:64,vs:pp,r:,t:1613%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1613,n:0,pp:1002,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1608~0,0~50%5D,as:%5B1608~300.250%5D%7D%7D,%7Bsl:pp,t:1613,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~50%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tofxrCI+11%7C12%7C131%7C141*.572802-66746211%7C1411%7C1412%7C15%7C16%7C171,idMap:141*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:22,sis:269%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:18 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 118ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RGJRK45Q0D&gtm=2oeb90&_p=246295695&cid=174118585.1669423634&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669423634&sct=1&seg=0&dl=https%3A%2F%2Fukr-mova.in.ua%2F&dt=%D0%9B%D0%B5%D0%BF%D0%B5%D1%82%D1%83%D0%BD%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%B2%D0%B0%D0%BC%20%D0%B2%D0%B8%D0%B2%D1%87%D0%B8%D1%82%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%83%20%D0%BC%D0%BE%D0%B2%D1%83%20%D1%88%D0%B2%D0%B8%D0%B4%D0%BA%D0%BE%20%D1%96%20%D0%B2%D0%B5%D1%81%D0%B5%D0%BB%D0%BE%20%7C%20%D0%9C%D0%BE%D0%B2%D0%B0%20%E2%80%93%20%D0%94%D0%9D%D0%9A%20%D0%BD%D0%B0%D1%86%D1%96%D1%97&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 00:47:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ukr-mova.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ukr-mova.in.ua/	1970-01-20 17:19:43	Name: PHPSESSID Value: 1a98f008adff39dece9827733bb5abf5
.ukr-mova.in.ua/	1970-01-20 17:19:43	Name: _ga_RGJRK45Q0D Value: GS1.1.1669423634.1.0.1669423634.0.0.0
.ukr-mova.in.ua/	1970-01-20 17:19:43	Name: _ga Value: GA1.1.174118585.1669423634
.ukr-mova.in.ua/	1970-01-20 17:05:19	Name: __gads Value: ID=5bcc6b3511ebfb8a-228e1ef699d70081:T=1669423635:RT=1669423635:S=ALNI_MauzkVNodfNvJjses4MjWjH7ajWKw
.ukr-mova.in.ua/	1970-01-20 17:05:19	Name: __gpi Value: UID=00000b878739b5b4:T=1669423635:RT=1669423635:S=ALNI_MZeRI60cdbLO86w9cc05_p-KvX-ug
ukr-mova.in.ua/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1669423635253%2C%22visitNumber%22%3A1%7D
ukr-mova.in.ua/	1970-01-20 16:29:19	Name: pnespsdk_visitor Value: dvyou57n3eqd1gil
.piano.io/	1970-01-20 07:43:45	Name: __cf_bm Value: zL9L3HPDhqgm37wQdOBd.lKQVrJXpHzeiap.AasckIA-1669423635-0-AefpI/bYRuOoYLHQFsI/l1w2aI6Nm8WJYo2AR2SXINbIlKpL1RJ7CvPrR0JBbHvwmXPcUrDDt9JUOhNnIo/KIuQ=
.doubleclick.net/	1970-01-20 17:05:19	Name: IDE Value: AHWqTUl48jlGtq5gvk3OZotIAoBOQSki75YkJFDovIBzaWcra5yIDbuQkulWabddr5w
.adnxs.com/	1970-01-20 09:53:19	Name: uuid2 Value: 7731927578372724698
.casalemedia.com/	1970-01-20 09:53:19	Name: CMPS Value: 5286
.casalemedia.com/	1970-01-20 09:53:19	Name: CMPRO Value: 5286
.adnxs.com/	1970-01-20 09:53:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU_YS-9/!1yIE`fS1ueD1W-044)d+]Ue'UqmmxqFlau(O$Ak)nfG_VZ<-+0sxfVqTvjmP(hw9P-HC_#tsl4)g>=I
.casalemedia.com/	1970-01-20 16:29:19	Name: CMID Value: Y4FiE7WAsunQgIpiSZUbTgAA
.casalemedia.com/	1970-01-20 09:53:19	Name: CMTS Value: 3230
.doubleclick.net/	1970-01-20 07:43:47	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://ukr-mova.in.ua/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1669423635&rafmt=1&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669423634715&bpp=1&bdt=523&idt=307&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4820022543065&frm=20&pv=1&ga_vid=174118585.1669423634&ga_sid=1669423635&ga_hid=246295695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070969%2C44770880%2C44774606&oid=2&pvsid=2772225141267410&tmod=1178307077&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=12s8zvSWcY&p=https%3A//ukr-mova.in.ua&dtd=312 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://s0.2mdn.net/sadbundle/1264548678715047936/300x250_Clean.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
apis.google.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s0.2mdn.net
sandbox-api-esp.piano.io
static.adsafeprotected.com
static.criteo.net
tpc.googlesyndication.com
ukr-mova.in.ua
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.194
142.250.184.230
172.217.18.2
178.250.2.148
185.80.39.216
185.89.210.20
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
2600:1f18:1aca:4282:d5b9:a662:f0ed:dac2
2600:9000:21f3:e800:8:48e:53c0:93a1
2606:4700::6810:2a41
2606:4700::6811:180e
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:7a60:0:1054::1
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::21
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
63.34.236.18
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
025d6947e5924707bf0315200f65bd967680ba42e5c8e6b6948fa9405ccdf9d8
055803689422db469d6c17f6af75715f774c05d500b55ed6f866aa55fb376389
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fbf9e8b811099795216f3407d42235f49422a91c4ab91d29228fa89020e9f8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3b4742a2f051d5b4563017922c6a5a812a94176b935ec0ef0e7692310b6561
0cfa426c00ae956e28514da60606dbdf4b3493ab146716051b9f82050dae0af0
0d205c202c811f9c82aa8878901757b7a683312bea86ec90d2b1ecdc13424c9d
10cf563bf80b480e21ddbd0d28c1eb2a1ff82adee85bb9e9f41159fc4550af57
11237bed4d1fa875bf345142d50731137039190b47aa457efd5c6c0aeec93755
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1492f13f86dec17d82703c69f04876ac6d2eb57f331b8319076590cef2d6a4ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a9fc41a0e356987fe32c9ada7bd7fcd26b21436d18e94229d1b58f4cef50a7
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1a642d998a7bb9a6451c45ec09b036fd3e9a9503a50543aff9d662abe3ef98ca
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
238e18cef217436fe03f0b81c98a60df42bc15af92b0cbcfcf11a2e1a77b6354
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323e72bcc317bd42257844c45b1631b698ee06f75eed96b1bd6538ad10fb2052
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
3f92b60402d96c032768de952345a732034e540494cf667d9240370f7efa6ca6
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
463e41c75bb982420f490e275ffd2aa97322a9943d72c90acabf6d581b97f0ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
530c1c06b031a4ce181489ab230b9c35e4682ba62257e3401facc6dcef0ea86e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571d15e85825e4183d95663c917a6a7911346b2915ce796cff3ffba121474a58
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ff4df129472ce117df4b51bb3cd58f6ea514d85a63ff77a5df4c5d20ce5cd2b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e326f8f8a66db5002f350f83da66286636e2d38bf6dd429e363518ac511c79
62b7f62e450e13ff4f264e69779817a7ef3917cf53e87e7e7f02cfb197758766
62c1857dee37b756c49089ed0d15e32fbd1bae2cf3d581fc924ff695dc206e0d
655c5c0fa45b1d37b91ff86dbab415b2629df770c6eface88c3f5e14b7c03903
65f64c32be0b31cf5b3e60f6fe16fe0545e49375c5486490d10da3be8c823184
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6cce917271d9cf7f37d43618bc6c884847c3bb9bdb0fdd4d4a06e305171b53bb
6d98c723af2047a14667b0a35b22b28b6efa3cacc7aa534871e61f6b7a19d26e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76e8afd1a54e3c4a9a0e604b4766afe94381eb62ad8bff5b3c641e7a970f0e66
777580ef0c97a6c8d8780e94681ed0386b888e353ddc88f750d63e58c12f91b3
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7e84783a01d094815eb27bd472410803d680411c21ce8a322fabbd80f2f40b93
80560238f8c512e3d34d8de4a211e389f828b254c4cc06ace4b466da10658158
80a3a201c48121ca169360ff34542bc313b1b6831367c5d22cd6096b46b803c0
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90532202ccd82df3cbc1db9c4aa50fd85dc2bc50dcbe39f37c36da16889d3009
94dc26972578717e2b66d6e19d4384d3a202ac8f638f5c4f6c795ce2219049c4
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fdc13189ace49bfcaf1cedffaec9e88aba48b26210730af49cd1893f270ac98
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff43e3e2a698cce2996a9769a2f8e5a299764541a43d88a4a0a9c536e03ff03
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a21f2c87fdaa803b3f6b750d7131ead9732d9214d1c555b873dfd5ff02d2001d
a24b591ec8748237b9d3af16fa0256f322abc52de107ed4d2ff285198c3db141
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e85636d776bdf7a54b10b375284f34c2584e061f13e3103d4cc038a3133b0a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c981b3c5bf47d49badee8dc59f65fab6e398f761606f365f7066945cf7a71c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aab966befbb839dd5db784282462dec9e78e6e24c3cdce912620c27beca6aefb
ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687
b0f67b2b9e0c144fd1ace499ac378392392140c49dab5ee2c31e03a34eff9084
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58b3c3bba92a7c518181db5992d9265d4f1bc29104e5057c7fa0eeaf89c219e
b5e5c5a378ee4fa9b338c69434dc4b624749b170c0a09bbe8d8c1d14e2391335
b7fe377178210ee7b1554fd6a008c3d61dfd48534aa2e817601f0e1c2a3d064c
b9bef40f1bf2a0adbf0871b9f7515b82b8f73296d45963729e2504a1cc809e83
ba88e498053a1f77f33607ee877d778ab2a8cfd8ed4c9fcd7555416c02714074
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c316d6d358f31acc381a8e2e9f393030a3c36e5a8c8f8ccf1eb785179d387d02
c3fe7ef04a64921cea7d0130069e70f121140479246d76883ab9220675554e42
c4b3ef41b4d68db74f810338bf81416859d36592bc03ed8236b4d14391d6e82d
c7e8e00881d1c861282dfedc25dab47cb9140df10ad6221367451780907e47fb
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c9e4e2559cfc12657887b425b2501ce0dd2fe1e078c33b9fa8ae0eb8c8878d69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01ecdb74c50c92c1f50356998f6f6e06ede0457a2ff53fbce12b74face63d3c
d116bea2c0d82272c2b7570cab28f17603eb21e3151ed73a6eb582f6e7fc0d4e
d1d554abaad80b8560924fbc3c35f1956894d46054f724d10e71530290e9ee09
d89bd3c368e6b0f67dec73a6deabcf1db848d10d528b06904709280adb429cfd
dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
faf82bdf4232c3b4b2e84f909652553508b656cd578b2160415e6bd8afbe7bbb
fbfa91db8f299621318fc679b308788b8cc95e9fd03ee86df4f34f1dd808b4b7
fef0affa6c8b20e485d3651323f3217f12aa7b190262517c2429bcaf48f2859d

ukr-mova.in.ua Open in urlscan Pro 2a00:7a60:0:1054::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

97 %HTTPS

80 %IPv6

22 Domains

35 Subdomains

36 IPs

7 Countries

2520 kBTransfer

5779 kBSize

16 Cookies

5 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ukr-mova.in.ua Open in urlscan Pro
2a00:7a60:0:1054::1 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

97 %
HTTPS

80 %
IPv6

22
Domains

35
Subdomains

36
IPs

7
Countries

2520 kB
Transfer

5779 kB
Size

16
Cookies

183 HTTP transactions
3 data transactions