goroh.pp.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goroh.pp.ua/
Effective URL:
https://goroh.pp.ua/
Submission: On July 03 via api (July 3rd 2022, 5:05:49 am UTC) from GB — Scanned from GB

Summary HTTP 79 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is goroh.pp.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 26th 2022. Valid for: a year.

This is the only time goroh.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3 7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.246.186.77 54.246.186.77	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:ca00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:28::6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
79	24

5 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

goroh.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.186.77 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-186-77.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:ca00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:28::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznl6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 273	295 KB
16	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 276 gcdn.2mdn.net — Cisco Umbrella Rank: 883 r1---sn-4g5lznl6.c.2mdn.net — Cisco Umbrella Rank: 672706	1 MB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 771 static.adsafeprotected.com — Cisco Umbrella Rank: 562 dt.adsafeprotected.com — Cisco Umbrella Rank: 481	97 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	50 KB
5	pp.ua 1 redirects goroh.pp.ua	26 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	4 KB
4	gstatic.com fonts.gstatic.com	70 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4608	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	644 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
79	16

	Domain	Requested by
14	s0.2mdn.net	goroh.pp.ua s0.2mdn.net
14	pagead2.googlesyndication.com	goroh.pp.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	goroh.pp.ua	1 redirects goroh.pp.ua
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	goroh.pp.ua
2	fw.adsafeprotected.com	1 redirects goroh.pp.ua
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ade.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	r1---sn-4g5lznl6.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	goroh.pp.ua
1	fonts.googleapis.com	goroh.pp.ua
1	www.googletagmanager.com	goroh.pp.ua
79	26

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-26` - `2023-05-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://goroh.pp.ua/
Frame ID: 81FDB6AB543D72E986304714C31445B1
Requests: 23 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgoroh.pp.ua%2F&width=174&layout=button_count&action=like&size=large&share=true&height=46&appId=950174432075014&locale=uk_UA
Frame ID: 3D6CF3A43C89326465291D5B0D10ACD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 784C21C44C2F97C54837B5BECB9DF750
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&adk=1812271804&adf=3025194257&lmt=1656824745&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoroh.pp.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745104&bpp=3&bdt=377&idt=317&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2770590981051&frm=20&pv=2&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334
Frame ID: 26F0661FFF7CBACE13271C64132C8B75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Frame ID: CBA41254E89C5E229ACB828EA96EF6CD
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIaDz8YBMAE&v=APEucNWJc-FkL_9lxQmzgWOyYe8-ZqbK1B02PwbT0lF6OIpwId1b0niBn4GfA8WitpL_yd6-lqkdCUapaLHyrzPX87YP4W1dxAthQy--qyRFnvgUeEXYQp1moyiugyJInc_vOSSSmhoSLfAZ7D3Jk1i3-Si6Lwstkjac6mEzagugS0IwATPMAO4
Frame ID: 48EA00CC3CFDBA30B2F112CAD9134359
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5278FC210151F7450F4DBB4CFE2FBF84
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
Frame ID: 60DD115E30B9A78322527CE0B5A99403
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 969C6F33D1B158D39DBD8CF2537293DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Frame ID: C27AE93DAE0E8AC19CE7C4FA5796B37D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20E1BA0219A0F01C43A91D91E9D47188
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96DA286EAF823A03A3408D59962D15EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Про сайт | Горох — українські словники

Page URL History Show full URLs

http://goroh.pp.ua/ HTTP 301
https://goroh.pp.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

79
Requests

92 %
HTTPS

79 %
IPv6

16
Domains

26
Subdomains

24
IPs

6
Countries

1754 kB
Transfer

3033 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/goroh_bot
Title: телеграм-ботом

Search URL Search Domain Scan URL

URL: https://www.facebook.com/goroh.pp.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goroh.pp.ua/ HTTP 301
https://goroh.pp.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEo6sfzcvUHEnEDxaRN7yew&google_cver=1

Request Chain 30

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsEjqlXotSmFcl2ngsoRXQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-5POAPy6DJ6uxZPTICqtk&google_cver=1

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_LjR-53r7Ck0vO4U1AmiI&google_cver=1

Request Chain 32

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg0NzIwMTExMzAzMDcyNzgwMA%3D%3D

Request Chain 45

https://fw.adsafeprotected.com/rfw/st/991453/61757014/skeleton.js?ias_dspID=3&ias_campId=27076785&ias_pubId=pub-7943937342790223&ias_chanId=1&ias_placementId=16472294627&bidurl=https://goroh.pp.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gq7D16r8lBWAFJGvnLv6R4&adsafe_url=https%3A%2F%2Fgoroh.pp.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7943937342790223%26output%3Dhtml%26h%3D600%26slotname%3D1684208412%26adk%3D1954673715%26adf%3D380825451%26pi%3Dt.ma~as.1684208412%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1656824745%26rafmt%3D1%26psa%3D0%26format%3D300x600%26url%3Dhttps%253A%252F%252Fgoroh.pp.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1656824745107%26bpp%3D3%26bdt%3D379%26idt%3D338%26shv%3Dr20220629%26mjsv%3Dm202206280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2770590981051%26frm%3D20%26pv%3D1%26ga_vid%3D1694383800.1656824745%26ga_sid%3D1656824745%26ga_hid%3D1317728200%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1223%26ady%3D311%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44761792%252C31065741%252C31067527%252C31068288%26oid%3D2%26pvsid%3D1615479226856032%26tmod%3D1504226401%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DG5xvoplH8P%26p%3Dhttps%253A%2F%2Fgoroh.pp.ua%26dtd%3D345&adsafe_type=d&adsafe_jsinfo=,id:1a057c9f-1621-1316-1161-27969a51e51b,c:hhhagT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-7hrcp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:294,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:324,oid:cc36aa76-fa8d-11ec-95ed-a6a076d08bc6,v:19.8.319,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 68

https://gcdn.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4C19FF33F9F176F5A8660CAE2EF4550342B30B98.8BA25A540E964FAF1E32A7A33D1F1F9E3BF63CC0/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznl6.c.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D51583494E1804058D2C3DABE7964FC3E289BAA.8001C560234CD09AD033B9CF2AFC8380BC51B218/key/cms1/cms_redirect/yes/mh/5Z/mip/2a01:4a0:2c::7/mm/42/mn/sn-4g5lznl6/ms/onc/mt/1656824430/mv/u/mvi/1/pl/48/file/file.mp4

79 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
goroh.pp.ua/
Redirect Chain

http://goroh.pp.ua/
https://goroh.pp.ua/

19 KB
6 KB

395ms
304ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8274241d349ddf1c066a4cfc905ad49b5dfc9176b174fb5863e6ae007e0ca949

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 724d167cca5d754d-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 03 Jul 2022 05:05:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TneHb3MqNTOyA1AUAeiJ7cSyCs3Pw0hQ78m2r0vsSUehr6kXxiFX6UHnXfUUq3uUr7mmnBekZPqBXKyw%2F1CAPETBbm%2FylycMtZDB6I7v%2BynJekML1T7PM%2BBCJKjry8aPu2EpFTlyzUmqlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 724d167bdad7732a-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 03 Jul 2022 05:05:44 GMT
Expires: Sun, 03 Jul 2022 06:05:44 GMT
Location: https://goroh.pp.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53S73V19eKgq9qmJeTfZbLbYlFFYK7agGvvGPDQPCk6BX1KI6numvHDYUz0yqmYSa6pZCXg5YxYm9DnZcLU1sKmQnkCGq00YYTEI7hXrtWDBLNikT4l8bEz6jdhCNIHs36UecGzAoQIeiw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 site11.min.css
goroh.pp.ua/css/ 45 KB
13 KB 57ms
56ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/css/site11.min.css?v=36
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7110dd63ccd4951c07280944478233d13db3547c7c309094338fb76f0e6498

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Oct 2021 13:17:26 GMT
server: cloudflare
age: 403153
etag: W/"1d7c9a2a755c4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ0GCACYX0aIIIa%2F82bSAA09ICXiRsOUalbasZcjd0kvFv8xIOi05tzxr3M5XTBpautVAeOEPbLgNhRIBYi7%2FuSH0Z8kKh3iX7CYU9IzjlnCVnur2nLEIGOaJ08zE%2BxzWjUodZXNBJx6SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 724d167ebb95754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 188ms
65ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145685605-1

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7bd1293a93d09a8681da4ca4ab477b048394157c193b9c4fa95c5371480aff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40361
x-xss-protection: 0
last-modified: Sun, 03 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Jul 2022 05:05:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 206ms
76ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a009d03a153a7c53a2425e4f47c0dc942e99236862c57ad76c1c097a3539715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56376
x-xss-protection: 0
server: cafe
etag: 17518664171886512573
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Jul 2022 05:05:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
2 KB 189ms
66ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700,800&text=1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz%D0%90%D0%91%D0%92%D0%93%D2%90%D0%94%D0%95%D0%84%D0%96%D0%97%D0%98%D0%86%D0%87%D0%99%D0%9A%D0%9B%D0%9C%D0%9D%D0%9E%D0%9F%D0%A0%D0%A1%D0%A2%D0%A3%D0%A4%D0%A5%D0%A6%D0%A7%D0%A8%D0%A9%D0%AC%D0%AE%D0%AF%D0%B0%D0%B1%D0%B2%D0%B3%D2%91%D0%B4%D0%B5%D1%94%D0%B6%D0%B7%D0%B8%D1%96%D1%97%D0%B9%D0%BA%D0%BB%D0%BC%D0%BD%D0%BE%D0%BF%D1%80%D1%81%D1%82%D1%83%D1%84%D1%85%D1%86%D1%87%D1%88%D1%89%D1%8C%D1%8E%D1%8F%CC%81%D1%9E()%C2%AB%C2%BB{}[]:;%E2%80%9B%27.,?!%22%C3%A6%CA%A4%C9%99%C9%AA%C9%9C%CA%83%C9%94%CA%8A%CA%8C%C5%8B%C3%B0%CE%B8

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aede6403a593039d4b953c0ac49479c3f52764195002d34daa36fd0844e4d675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Jul 2022 05:05:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 03 Jul 2022 05:05:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Jul 2022 05:05:44 GMT

GET
H2 200 site5.min.js Show response
goroh.pp.ua/js/ 8 KB
3 KB 50ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/js/site5.min.js?v=12
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e922a63216b81f8eaf1a82bedb7f2eb5c88140d74eacd78e10c609422c05d27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 May 2022 10:09:43 GMT
server: cloudflare
age: 110940
etag: W/"1d866b190ae1301"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZRlT9Uzwv58iXYtOzzh1DJSU9haVSU47cPKLlNXJLPfpvG6VGpp8oXVouj3xyY5w1iTLc1MsamTSExOtiV3QkpOrlafa%2BdKRDuHRuzyz0UYESya4Ti2tIZfTlhI5%2BR5rmnhrcxTaAKUCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 724d167ebb96754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sprite.svg
goroh.pp.ua/img/svg/ 6 KB
3 KB 58ms
57ms Other
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/img/svg/sprite.svg
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f5e59627b28dffa37fce186367a7df4b6d99943597b878f8c2e5474eabcc96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 11:34:14 GMT
server: cloudflare
age: 403939
etag: W/"1d71a584a7ee9eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhyB7dEhuk1Tu4KuFXVGjZ7ICnhR%2FrXVsLJuNovbTOZXjxkT38CMTPmxALNMf6P6NtNFbNmQXDj6uG23b1qmeq0iVap5q0%2BNTM3i1NnCOR9ZOXor%2FjawciSc4tsgzUREXtQ3AnxseYDzCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 724d167f1e0506b2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 3D6C 0
3 KB 206ms
88ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgoroh.pp.ua%2F&width=174&layout=button_count&action=like&size=large&share=true&height=46&appId=950174432075014&locale=uk_UA

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 03 Jul 2022 05:05:44 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-content-type-options: nosniff
x-fb-debug: J5BGpyzzEXvwWlb6TKmVqc0cl7jAjw0Pd0/1jwx0+pbhFg3QOUJ1fVsGRrAVgTx7huUcRZmXaMGEuvnLpeh5Ww==
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aca3e0e1ee0b3f5ea6b4e61b81e54f9e9b9a1461b769d669e57718becb54ea69

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 505 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86dc05b5341818e644c1c2b35df377c8046f482bb91c0c9d96fa2b4717825f2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 font
fonts.gstatic.com/l/ 17 KB
17 KB 238ms
120ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe0qMImSLYBIv1o4X1M8cfe_MQ5pUnYPf7hT5Zft62wIiq2BoYI4FMo8wtmVjB3DFBpnkdfHq-QiNrwpfOMjyxZfRDEa1RdDb5JazWU1ufLxxBMPfaJ82WByE_gid8nhSMcxuWjClZhxuIgGBDKGIe6owenLNVrhV8ZE3f-4lBHxGw_hxtt3VfEeZKYzhRhywv57dmcCxqCgwrv6VWKquqjsMk3f3Oci6Y4heGNpYY4kJKGlDHit6hF_0nTrClPJPin3IOOlfb_bkasu2GR5fJ3G5m63Eh7COoIPALr1jSjXigF3hfqvZ0H8ukQrhk2KDL-nujPT5dTRClh3RVL80AWkQmsJMgd3cMNHUAPbPIsCOlAHq8svrNvEJ0lsH-MvJnNgXJf7hhu1FCbMjeRv9zn0JKjNQob6QTEwETFIZFgqpDncsaxWDHzP2jv7L3yQBvUHi484hY6Df5AJNI3K30U1JcCt6M-5oZjMqYuldR_DQkQYa1fhpB-_KYM9yzXg5O-d8OqvDraOo9VtV0NHmL4YNdwbZSifSyZCTdXUyCJXM9vPm2fk119-8K_RzI7ruZU2Pr89WJLxHDiYeG6FS1RRseyX428buFQyt0VValZXSHDaVoizCIVWiK9ITabFE12LENk&skey=60bfdc605ddb00b1&v=v12

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700,800&text=1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz%D0%90%D0%91%D0%92%D0%93%D2%90%D0%94%D0%95%D0%84%D0%96%D0%97%D0%98%D0%86%D0%87%D0%99%D0%9A%D0%9B%D0%9C%D0%9D%D0%9E%D0%9F%D0%A0%D0%A1%D0%A2%D0%A3%D0%A4%D0%A5%D0%A6%D0%A7%D0%A8%D0%A9%D0%AC%D0%AE%D0%AF%D0%B0%D0%B1%D0%B2%D0%B3%D2%91%D0%B4%D0%B5%D1%94%D0%B6%D0%B7%D0%B8%D1%96%D1%97%D0%B9%D0%BA%D0%BB%D0%BC%D0%BD%D0%BE%D0%BF%D1%80%D1%81%D1%82%D1%83%D1%84%D1%85%D1%86%D1%87%D1%88%D1%89%D1%8C%D1%8E%D1%8F%CC%81%D1%9E()%C2%AB%C2%BB{}[]:;%E2%80%9B%27.,?!%22%C3%A6%CA%A4%C9%99%C9%AA%C9%9C%CA%83%C9%94%CA%8A%CA%8C%C5%8B%C3%B0%CE%B8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d547bcf0f8bf51c3c8c5c0d3561306f9d79e31f5ac232788738b72508ed26e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 20:28:51 GMT
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17520
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sat, 02 Jul 2022 20:28:51 GMT

GET
H2 200 font
fonts.gstatic.com/l/ 17 KB
17 KB 184ms
71ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe03MImSLYBIv1o4X1M8cc8aBf5vQYQrdrNY447w928NjaiCrI01F8xHu6WQixjAGRVqktLAruc_KaEqeeQmyBtQSTIe7i59apVfzmg6tPH0wxYMYL1h2mV1FvsveMTiTH_hBhGq1uA2-sJBTHjIaaLmkaWeZQO0CJ8agp3m83OUfGWErrEZPZ1wF8pD9m0Cu4sEDxl9utnhufy8FyXp-PivYx2Fjbx4gdVIEB4AH_JjW-DjQjnmpFs0gz67WwyZYHaefovMANen7NRQihkmLO6ZlB3Nbk22at9aUNmjx0iXw0c367rkDwux_gxf3gLiX-7z6WWHsoKNXQYrBQy9kEflASlNcUIzNoYAFkucdcNIcxtN54Bi4JWJaAccUJJfVAITLuOI82_DYVG69ZMWj0WNWtSyPOaFIFFScFIqADtPwF-51so-axWnsFKQRRD7a5lp5uBX1eDTLsNZZt6fjRFgcpT7v5bv-cGR8dT4K0CDHAZYLhWm4Vn4ZMVyhXSsp6zOsrv9TefM4JQvFwIC2PpdephVKmXRB2s1AaOjvVQjRri7-QSDtTkrm7zRzI_ruZw2Pr49WI3xHDmYeGGFS1VRsMeX424bu0Myt0RValFXSHHaVoGzCIRWiLVITZ_FE1yIKu2ERSM&skey=455d87138f5ce23c&v=v12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a704058593912a150b331f58ff19eae7a100383cc647f6f88d1098c8dc928d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 20:28:51 GMT
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17736
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sat, 02 Jul 2022 20:28:51 GMT

GET
H2 200 font
fonts.gstatic.com/l/ 17 KB
18 KB 165ms
55ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe03MImSLYBIv1o4X1M8cc8GBv5vQYQrdrNY447w928NjaiCrI01F8xHu6WQixjAGRVqktLAruc_KaEqeeQmyBtQSTIe7i59apVfzmg6tPH0wxYMYL1h2mV1FvsveMTiTH_hBhGq1uA2-sJBTHjIaaLmkaWeZQO0CJ8agp3m83OUfGWErrEZPZ1wF8pD9m0Cu4sEDxl9utnhufy8FyXp-PivYx2Fjbx4gdVIEB4AH_JjW-DjQjnmpFs0gz67WwyZYHaefovMANen7NRQihkmLO6ZlB3Nbk22at9aUNmjx0iXw0c367rkDwux_gxf3gLiX-7z6WWHsoKNXQYrBQy9kEflASlNcUIzNoYAFkucdcNIcxtN54Bi4JWJaAccUJJfVAITLuOI82_DYVG69ZMWj0WNWtSyPOaFIFFScFIqADtPwF-51so-axWnsFKQRRD7a5lp5uBX1eDTLsNZZt6fjRFgcpT7v5bv-cGR8dT4K0CDHAZYLhWm4Vn4ZMVyhXSsp6zOsrv9TefM4JQvFwIC2PpdephVKmXRB2s1AaOjvVQjRri7-QSDtTkrm7zRzI_ruZw2Pr49WI3xHDmYeGGFS1VRsMeX424bu0Myt0RValFXSHHaVoGzCIRWiLVITZ_FE1yIKu2ERSM&skey=cc2992921884e495&v=v12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32a1873e03567492d5bc422049a61826bbb464bc1a1e9b71d32b2f0fccdcf651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 20:28:51 GMT
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17676
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sat, 02 Jul 2022 20:28:51 GMT

GET
H2 200 font
fonts.gstatic.com/l/ 18 KB
18 KB 245ms
139ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe0oMImSLYBIv1o4X1M8cce4I9tYo1cJdbZX4ovy6W4OjK-Dr4w6Fs9Gv9uTih_BGhRlk9HBqeY8KL4reuUhyRhRRjMd7yhBaZRYz2s7u_D3whENY7x-22Z0EfosecvjT37nuXjDr5h0uIUGBjKAIeyo3enONVbhUcZF3cO4kRHzGwDhxNtxVfMee6YwhR1yzv59dmYCxKedwrr6UGKrurvsM03U3OYi2o4geHdpYo8dJKalA3io6hB_yXTqClzJPynAIOKlaL_akags9WR2fLHG526_HDfCN4IKAIz2pCjeigd3rfyKZ0b8tEYbmHSKDr-gujHT5NTaClp3W1L90AakQ2sOMgZ3c8NGUAzbPYsBOlEHrMsurNjEJklTH-IvJXNhXJD7hxu2FCfMguRu9zz0JqjMQpn6QDEzETBIY1grpDrcsKxZDH3P2Tv6L3uQB_UEi445uo6Cf5MJNY3N30Q1JsCs6MC5oJjJqYmldB_dQkYYbFfjpB6_IoM_yDvg5e6N8OmvHLaPo9ZtVkNCmL8YPtwaZSufSiZ5TdTUyyJWM8zPmmfh115M_eiI0siyptpvKPFkT8OoFGjBcTHcTQoIt5nPzhtDlzdpjycOUzMMdhSBaeXoPukNv9kTYOmeBxPTP6DmXg&skey=8952ce414dafd5f2&v=v12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0114138e4ac4c4ee867476afc278c243696da522fab0a34776d7d68ca07e3c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 08:02:28 GMT
x-content-type-options: nosniff
age: 75797
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18388
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sat, 02 Jul 2022 08:02:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 174ms
54ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145685605-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 56
date: Sun, 03 Jul 2022 05:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 03 Jul 2022 07:04:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 339 KB
119 KB 191ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7943937342790223&plah=goroh.pp.ua&bust=31068288

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ee6a1e01d6577d1d16b8d2b3dfd3b5287253ca2e864ba2bad1597f04d930da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122219
x-xss-protection: 0
server: cafe
etag: 12091962152275429641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Jul 2022 05:05:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 784C 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 44278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Jul 2022 16:47:47 GMT
etag: 10429905676100781186
expires: Sat, 16 Jul 2022 16:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 170ms
61ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1317728200&t=pageview&_s=1&dl=https%3A%2F%2Fgoroh.pp.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%BE%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%20%D0%93%D0%BE%D1%80%D0%BE%D1%85%20%E2%80%94%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D0%BB%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=230295835&gjid=253215896&cid=1694383800.1656824745&tid=UA-145685605-1&_gid=1324433251.1656824745&_r=1&gtm=2ou6t0&z=1219946460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goroh.pp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goroh.pp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 169ms
56ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-145685605-1&cid=1694383800.1656824745&jid=230295835&gjid=253215896&_gid=1324433251.1656824745&_u=YEBAAUAAAAAAAC~&z=1590389176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://goroh.pp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 03 Jul 2022 05:05:45 GMT
content-type: text/plain
access-control-allow-origin: https://goroh.pp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 192ms
62ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=goroh.pp.ua&callback=_gfp_s_&client=ca-pub-7943937342790223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7943937342790223&plah=goroh.pp.ua&bust=31068288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

af90c8459ca54a7866e3d0d36769c7f3aa4061cfeca7ba23db3a3a6eb13fbaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 178ms
63ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=goroh.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Jul 2022 05:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 184ms
62ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=goroh.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Jul 2022 05:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26F0 0
19 B 206ms
96ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&adk=1812271804&adf=3025194257&lmt=1656824745&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoroh.pp.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745104&bpp=3&bdt=377&idt=317&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2770590981051&frm=20&pv=2&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 05:05:45 GMT
expires: Sun, 03 Jul 2022 05:05:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CBA4 14 KB
8 KB 724ms
627ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7012eca79c241b0bf156338d10cf0dcfe02343f9249bacdfd497be6d5c5449d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 7697
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 05:05:46 GMT
expires: Sun, 03 Jul 2022 05:05:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBA4 42 B
63 B 87ms
86ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaCmswFRPmQSvdITCC6QF8-9dSjnSW6DiobVo3rwbsFhZPG9y8XmlwDN3aY34ciuvbqQTyJfa1v8RA6FmmHl6rJvjFhGq8hlVAOfAgy87oZbqts84

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame CBA4 3 KB
1 KB 189ms
60ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 04:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 04:11:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBA4 138 KB
43 KB 210ms
69ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 05:05:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame CBA4 17 KB
8 KB 182ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 04:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 04:51:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 48EA 624 B
300 B 67ms
66ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIaDz8YBMAE&v=APEucNWJc-FkL_9lxQmzgWOyYe8-ZqbK1B02PwbT0lF6OIpwId1b0niBn4GfA8WitpL_yd6-lqkdCUapaLHyrzPX87YP4W1dxAthQy--qyRFnvgUeEXYQp1moyiugyJInc_vOSSSmhoSLfAZ7D3Jk1i3-Si6Lwstkjac6mEzagugS0IwATPMAO4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 05:05:46 GMT
expires: Sun, 03 Jul 2022 05:05:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CBA4 90 KB
35 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMsRnNgyKwuAuArY1NW5YG6FeXpZAe97DWuP1rQR0fIxDZCTIudIcwWuzBnYJyRw7BIKu4pOcyVQZu_vIGF0puIySPoEsKsOimIC8g0O8Am7qv-M3s8b1zO8wGvH8ZgyquwvDkVkJ_23aN-avC2cB2CTUMMQ&dbm_d=AKAmf-DBDbiuyEZkh38y5qTajAJTKoz_d3yYVL4_TVjYLmI7R5u7_s2VfrzEcs2NLOHpVHaiIzZI2JW7uceckgqACOdBMzYb7uIbwtnJsHZTopBaSMUC0lfz7TvqlcFdhRMfPidAugdhaWu8M-VcVg-A3I2BzqN1fCi4tIlLuBsJM6pDw9nH9DbdB57lQnOuiYMW6ki-ut4LO5vVsXAekXiEfI0jvjc7Xg9qpGui-dqgUTorA9ATnX29AIFsGxP3cOvQk_sBT8ONv1ZJdupf6Aqecx3dppWsISpvYixp97tFbCMdLak4ajIiM0yX6mpk4-GOgEPnLzR-BDyn-OuPPoD4w5HP5K2Y94qiH-pSO0-ZGTIatmHyWMi_dLWb2SG_vTq5HPu19DtscoAy9DU9Waf0_8MeiCt026v56tsq8iu68jHe-PZG0KkD_Gl9mqFJ56BUFQJHKtFVEHBxPe6ZiaNupmXb-KqM7bf7wUeznnJg0ItxSJOAExe5oWojEq5T2LSGm9uxU8Ka8Aobd6sSg0tGZIm7lQ8DNxDcc0S3a1djrSUEqkF8m0kjjob5XFSX-WpgMYyHfg_XeGq86Brv6WzMN-36J8Yey8bXNWK4pPbR8mCAyY7iwUC_vbdwdzF0vz_S5IsbBazCnwLvmgtLZLogFs7BloU7kT04E1GodNpErgAJoNcyiBzFSUHUcb3cynmuZ3lP_yv_q8k_3QTJK6mT9QmL6nq56czUUXP7lfHVbl18ElZMlY-SXOpEgep0HQF4C2GoPWnq_AdAZwjTpqg88cVBtPGaS_le0ahIVyxtRhwuh5jpJucDJNsVjWVc3Fs2XAqrMkxVIgntwfjctb9sD556R_TNuMndhmnsOnOb9AGQQ1CK_xT4tY0i0Mz3Wz-oSlbMorMNw5v8ZtFHGeniTi7ecAQT3Q8KlPjb761NB5AutXU7mMVDsbcObPA2zpqyCD-tcyYo-FIeQyme2zkTpRlH_lPvX0P9L210Qm32_fgF5ul5Zrvly8St-BSgjXbGdKHIwteBa0xHzg3Kwfb_m_TX4RcKiblbMwAWVotxcp1V3twZA47upfXQR8bIhCmC4Fgta-nfJ926dRDrlQJ2z-ywu5hFZNjRpDmSOOmG51fXjBp7ILD8dINzpeugKkmDFLtWeeiPPcX5Db6ELK_DLj2QixcFojCj0tjUI9CySbQp-VjWkHB6J8Dfk5n4QDBUqJnlV1__RzT5UEnK5i-n7JAe2nuduqV1cNaMcMW5eVaYcqA8kVCMviK1-Bg32CMFAC15g_pjfcyK549C45Rj1-M_OuMiveTo08_Grbo2r0aJP4dgi5FEDY6rSr5vDbthWdgBFwr3X1Ic6E2mEyFptSzL29lQH6fHu0wKUuk_o--QIwOm57npEjBVldKXNdqaPoZ9mGzeGaROqTT_1rZmAR7mmYwyVhDgzt9aALya_w0a5AS_DROWu833EV_tsL9qF_LGsNAWFERy7OaT2SnqaTc5teQzqisT5HLO1gPiPqrQDDwwBVP495d81msuT7METTu3X4A5Lnh2UbLpkg5hTNcm73wQ8dXbAOle-FtrYP7vbJN4-GEtElF2xKzv4zjSTHl_f8Hm1olAt92L80KUwfH0F4yVCUErsFEwHV2I06Z3c5mHQe6263-yAZSAsGps4p2dps4-n__tBVmQD8G6efPA11EcsfjPauXrd0jejpEDWpiApiLiDzcpnM-Wua0A-qUFgQhxvuf6tXnRIzfQ4ZJbYz1YYgqBZF_EBYSYEdcRiXsDpx9P_Bg8C6RGMVfvVmxNYpTW3EUOu5t9eP275_N_maPotXC2iT--ajb0Znts0lMQX2Rfvvreq18RPXyzgGKLLFOC3JQoJmqYKlwuI9i4TQH-I32skRjvJnhsTkPo1aauiE_gmjwpxGdfthrYcFpXM4n0yR0kqPAhMnITApj-Fh_vCBaGOkBusHD7Q3_aC0UjYo5ReBwaAhXQWIgXQx_WZsUc4-dEyqdX8fydNJGJFAIYs-cwa5g75Af9vsvT_yM3yOdWFEc4FtQoHm9J5aNy7s1ETidKVB-urh6gHEGt2Sm2wNuZX1c9bBGBDNSoYd_6PDhLryKYiXVBpIXCkBzonGERpALOSXaqbBRQXWYM5MvJepcYyTGq4dhYH21-Oqrb0usifgNLZ8v8w0IlkkNAI4zrZNU0iVkKlCuAkGGlriOLFXBSvuOvJC5RMU8OUHfShglV_9vIX0uKi75UsoBapk4aSXl5ToztMII8SO3c5Khyo_3govwsZX5J1tJ0leRahcIyl1TwhCG6g6o3nIejVb9bVR0TO0EriAPSJabVo7yceXsJ1nsSEc4Lof5wdW6c-R0g5B3RZR0cmpBITxMgARBcaEfCByeWBWtjj0ii_BNrMMYodPPCaBrdjRH9P438aq1o-b8Ms1mwyFbYKvCIERpaGrOMP2IvVcwlSKc6xKIDBCUzKgRAQX4RlNMWUvvHX3-tA2mzwoGuG57etgusKaXeENNB-xgyjZD16uacdcAZndlS3NR1iEwNnhf7fGFFK61M8aP8ZZ6lTKTXsN583vPo8vEABIXclDRVnKqUv_xuBJgRuvRukbvuheb0BbtN8x2TWNo1AG0vk5j_8mnWmrlgcipYJ3schPYai6MWZXu4WQGZK-QJEzWhtWd28Cgd2a1s2JAOaRy02NyXQ2W0t-PVBZIH7eKdMMuTsXpFcOtqCgz7ByNRxjuIJqR5rTcS4jbyPVNBd-4ZnC-CXNK09_HGFGWX1-2NrIxa0EjfL0yph0m7NCtAAA92cDIuCnBYti9NLaJmce5vbig77w1gNz4YdNvtT1sN1FTa80AGNEctNCi0upVfLjWqr9tKpty1FM4hYvePrdjPW8EWcKaevexWPTPqjv0xXOv57vLJGdgypFcRTvnPEfeZikSDt4jmHQ1rrOB1HvSCHXe_drcBojnGa9ouiEsFcRno5se9P4-0E1pnnoOBbXcQFHE14XUywZ-RWtolP-EEetd89rdqsuswuZac06ZJ-JQ7KdRDuy9GsusWXU0dz5BlcKracuvHP9k&cid=CAASBORog4I&rfl=1%2Chttps%253A%252F%252Fgoroh.pp.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96e25a7ebbcf537830969b489dcba0de5673664550ce3516feb6f48faa1b0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 48EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEo6sfzcvUHEnEDxaRN7yew&google_cver=1

43 B
912 B

88ms
87ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEo6sfzcvUHEnEDxaRN7yew&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIaDz8YBMAE&v=APEucNWJc-FkL_9lxQmzgWOyYe8-ZqbK1B02PwbT0lF6OIpwId1b0niBn4GfA8WitpL_yd6-lqkdCUapaLHyrzPX87YP4W1dxAthQy--qyRFnvgUeEXYQp1moyiugyJInc_vOSSSmhoSLfAZ7D3Jk1i3-Si6Lwstkjac6mEzagugS0IwATPMAO4
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 724d168a4e7388b6-LHR
pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDPnJvSm3jVeZLR6u9IqUcz4B6q6E1WWELVdg%2FFQkRiAX2KO9ufT3BLXhMaTf4AdcLQZjnHC0e%2BpGcAYCksWjxuOCIQV60NlrwlGPKYNTBh%2B65j2ZrW2VLvqU1kwYjD55DQH%2ByU%2BmstK4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEo6sfzcvUHEnEDxaRN7yew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 48EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsEjqlXotSmFcl2ngsoRXQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-5POAPy6DJ6uxZPTICqtk&google_cver=1

43 B
912 B

82ms
81ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-5POAPy6DJ6uxZPTICqtk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIaDz8YBMAE&v=APEucNWJc-FkL_9lxQmzgWOyYe8-ZqbK1B02PwbT0lF6OIpwId1b0niBn4GfA8WitpL_yd6-lqkdCUapaLHyrzPX87YP4W1dxAthQy--qyRFnvgUeEXYQp1moyiugyJInc_vOSSSmhoSLfAZ7D3Jk1i3-Si6Lwstkjac6mEzagugS0IwATPMAO4
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 724d168b6fc688b6-LHR
pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x79Je1h80Aj6TW3evmAuvQ7rebtKR%2Bb2%2FVP878tfAZ6ZSG0yEy6%2BfF0edLGQcJZyyP5bKVEMTCi6V80HSaJ4MDC6qlHzFRFAGsA1%2B%2B%2BwacksN08SCqQW26%2F8c5KNYCPuFcKFbkbZycKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-5POAPy6DJ6uxZPTICqtk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 48EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_LjR-53r7Ck0vO4U1AmiI&google_cver=1

43 B
1016 B

58ms
54ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA_LjR-53r7Ck0vO4U1AmiI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIaDz8YBMAE&v=APEucNWJc-FkL_9lxQmzgWOyYe8-ZqbK1B02PwbT0lF6OIpwId1b0niBn4GfA8WitpL_yd6-lqkdCUapaLHyrzPX87YP4W1dxAthQy--qyRFnvgUeEXYQp1moyiugyJInc_vOSSSmhoSLfAZ7D3Jk1i3-Si6Lwstkjac6mEzagugS0IwATPMAO4

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Jul 2022 05:05:46 GMT
X-Proxy-Origin: 82.199.130.40; 82.199.130.40; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1644ccdc-070e-4458-9372-b7e781ccbfa5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA_LjR-53r7Ck0vO4U1AmiI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 48EA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg0NzIwMTExMzAzMDcyNzgwMA%3D%3D

170 B
188 B

174ms
64ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg0NzIwMTExMzAzMDcyNzgwMA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Jul 2022 05:05:46 GMT
X-Proxy-Origin: 82.199.130.40; 82.199.130.40; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7d1dff36-a770-46b9-a4ea-47e258dd5c7f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg0NzIwMTExMzAzMDcyNzgwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/991453/61757014/ Frame CBA4 46 KB
12 KB 208ms
58ms Script
application/javascript 54.246.186.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/991453/61757014/skeleton.js?ias_dspID=3&ias_campId=27076785&ias_pubId=pub-7943937342790223&ias_chanId=1&ias_placementId=16472294627&bidurl=https://goroh.pp.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gq7D16r8lBWAFJGvnLv6R4
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.186.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-186-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ebe0d4c743f1c0ba919c063fc761c360671eeac4f18d256533ef4974465397c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CBA4 170 KB
59 KB 196ms
54ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 11:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Jul 2022 11:21:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame CBA4 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMsRnNgyKwuAuArY1NW5YG6FeXpZAe97DWuP1rQR0fIxDZCTIudIcwWuzBnYJyRw7BIKu4pOcyVQZu_vIGF0puIySPoEsKsOimIC8g0O8Am7qv-M3s8b1zO8wGvH8ZgyquwvDkVkJ_23aN-avC2cB2CTUMMQ&dbm_d=AKAmf-DBDbiuyEZkh38y5qTajAJTKoz_d3yYVL4_TVjYLmI7R5u7_s2VfrzEcs2NLOHpVHaiIzZI2JW7uceckgqACOdBMzYb7uIbwtnJsHZTopBaSMUC0lfz7TvqlcFdhRMfPidAugdhaWu8M-VcVg-A3I2BzqN1fCi4tIlLuBsJM6pDw9nH9DbdB57lQnOuiYMW6ki-ut4LO5vVsXAekXiEfI0jvjc7Xg9qpGui-dqgUTorA9ATnX29AIFsGxP3cOvQk_sBT8ONv1ZJdupf6Aqecx3dppWsISpvYixp97tFbCMdLak4ajIiM0yX6mpk4-GOgEPnLzR-BDyn-OuPPoD4w5HP5K2Y94qiH-pSO0-ZGTIatmHyWMi_dLWb2SG_vTq5HPu19DtscoAy9DU9Waf0_8MeiCt026v56tsq8iu68jHe-PZG0KkD_Gl9mqFJ56BUFQJHKtFVEHBxPe6ZiaNupmXb-KqM7bf7wUeznnJg0ItxSJOAExe5oWojEq5T2LSGm9uxU8Ka8Aobd6sSg0tGZIm7lQ8DNxDcc0S3a1djrSUEqkF8m0kjjob5XFSX-WpgMYyHfg_XeGq86Brv6WzMN-36J8Yey8bXNWK4pPbR8mCAyY7iwUC_vbdwdzF0vz_S5IsbBazCnwLvmgtLZLogFs7BloU7kT04E1GodNpErgAJoNcyiBzFSUHUcb3cynmuZ3lP_yv_q8k_3QTJK6mT9QmL6nq56czUUXP7lfHVbl18ElZMlY-SXOpEgep0HQF4C2GoPWnq_AdAZwjTpqg88cVBtPGaS_le0ahIVyxtRhwuh5jpJucDJNsVjWVc3Fs2XAqrMkxVIgntwfjctb9sD556R_TNuMndhmnsOnOb9AGQQ1CK_xT4tY0i0Mz3Wz-oSlbMorMNw5v8ZtFHGeniTi7ecAQT3Q8KlPjb761NB5AutXU7mMVDsbcObPA2zpqyCD-tcyYo-FIeQyme2zkTpRlH_lPvX0P9L210Qm32_fgF5ul5Zrvly8St-BSgjXbGdKHIwteBa0xHzg3Kwfb_m_TX4RcKiblbMwAWVotxcp1V3twZA47upfXQR8bIhCmC4Fgta-nfJ926dRDrlQJ2z-ywu5hFZNjRpDmSOOmG51fXjBp7ILD8dINzpeugKkmDFLtWeeiPPcX5Db6ELK_DLj2QixcFojCj0tjUI9CySbQp-VjWkHB6J8Dfk5n4QDBUqJnlV1__RzT5UEnK5i-n7JAe2nuduqV1cNaMcMW5eVaYcqA8kVCMviK1-Bg32CMFAC15g_pjfcyK549C45Rj1-M_OuMiveTo08_Grbo2r0aJP4dgi5FEDY6rSr5vDbthWdgBFwr3X1Ic6E2mEyFptSzL29lQH6fHu0wKUuk_o--QIwOm57npEjBVldKXNdqaPoZ9mGzeGaROqTT_1rZmAR7mmYwyVhDgzt9aALya_w0a5AS_DROWu833EV_tsL9qF_LGsNAWFERy7OaT2SnqaTc5teQzqisT5HLO1gPiPqrQDDwwBVP495d81msuT7METTu3X4A5Lnh2UbLpkg5hTNcm73wQ8dXbAOle-FtrYP7vbJN4-GEtElF2xKzv4zjSTHl_f8Hm1olAt92L80KUwfH0F4yVCUErsFEwHV2I06Z3c5mHQe6263-yAZSAsGps4p2dps4-n__tBVmQD8G6efPA11EcsfjPauXrd0jejpEDWpiApiLiDzcpnM-Wua0A-qUFgQhxvuf6tXnRIzfQ4ZJbYz1YYgqBZF_EBYSYEdcRiXsDpx9P_Bg8C6RGMVfvVmxNYpTW3EUOu5t9eP275_N_maPotXC2iT--ajb0Znts0lMQX2Rfvvreq18RPXyzgGKLLFOC3JQoJmqYKlwuI9i4TQH-I32skRjvJnhsTkPo1aauiE_gmjwpxGdfthrYcFpXM4n0yR0kqPAhMnITApj-Fh_vCBaGOkBusHD7Q3_aC0UjYo5ReBwaAhXQWIgXQx_WZsUc4-dEyqdX8fydNJGJFAIYs-cwa5g75Af9vsvT_yM3yOdWFEc4FtQoHm9J5aNy7s1ETidKVB-urh6gHEGt2Sm2wNuZX1c9bBGBDNSoYd_6PDhLryKYiXVBpIXCkBzonGERpALOSXaqbBRQXWYM5MvJepcYyTGq4dhYH21-Oqrb0usifgNLZ8v8w0IlkkNAI4zrZNU0iVkKlCuAkGGlriOLFXBSvuOvJC5RMU8OUHfShglV_9vIX0uKi75UsoBapk4aSXl5ToztMII8SO3c5Khyo_3govwsZX5J1tJ0leRahcIyl1TwhCG6g6o3nIejVb9bVR0TO0EriAPSJabVo7yceXsJ1nsSEc4Lof5wdW6c-R0g5B3RZR0cmpBITxMgARBcaEfCByeWBWtjj0ii_BNrMMYodPPCaBrdjRH9P438aq1o-b8Ms1mwyFbYKvCIERpaGrOMP2IvVcwlSKc6xKIDBCUzKgRAQX4RlNMWUvvHX3-tA2mzwoGuG57etgusKaXeENNB-xgyjZD16uacdcAZndlS3NR1iEwNnhf7fGFFK61M8aP8ZZ6lTKTXsN583vPo8vEABIXclDRVnKqUv_xuBJgRuvRukbvuheb0BbtN8x2TWNo1AG0vk5j_8mnWmrlgcipYJ3schPYai6MWZXu4WQGZK-QJEzWhtWd28Cgd2a1s2JAOaRy02NyXQ2W0t-PVBZIH7eKdMMuTsXpFcOtqCgz7ByNRxjuIJqR5rTcS4jbyPVNBd-4ZnC-CXNK09_HGFGWX1-2NrIxa0EjfL0yph0m7NCtAAA92cDIuCnBYti9NLaJmce5vbig77w1gNz4YdNvtT1sN1FTa80AGNEctNCi0upVfLjWqr9tKpty1FM4hYvePrdjPW8EWcKaevexWPTPqjv0xXOv57vLJGdgypFcRTvnPEfeZikSDt4jmHQ1rrOB1HvSCHXe_drcBojnGa9ouiEsFcRno5se9P4-0E1pnnoOBbXcQFHE14XUywZ-RWtolP-EEetd89rdqsuswuZac06ZJ-JQ7KdRDuy9GsusWXU0dz5BlcKracuvHP9k&cid=CAASBORog4I&rfl=1%2Chttps%253A%252F%252Fgoroh.pp.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 04:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 04:53:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame CBA4 27 KB
10 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 05:05:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CBA4 41 KB
15 KB 177ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 16:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 16:55:24 GMT

GET
DATA 200
OK truncated
/ Frame CBA4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 606c69054e2679bdf3cf4bc894d30e669850e8e3585a9db430ea688a2f1645e2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.gr.19.8.319.js Show response
static.adsafeprotected.com/ Frame CBA4 192 KB
61 KB 200ms
65ms Script
application/javascript 2600:9000:2491:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.319.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/991453/61757014/skeleton.js?ias_dspID=3&ias_campId=27076785&ias_pubId=pub-7943937342790223&ias_chanId=1&ias_placementId=16472294627&bidurl=https://goroh.pp.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gq7D16r8lBWAFJGvnLv6R4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:42:27 GMT
content-encoding: gzip
age: 1689800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Jun 2022 18:01:50 GMT
server: AmazonS3
etag: W/"a1d669bc0776f421280ad4154b1ce523"
vary: Accept-Encoding
x-amz-version-id: mNA7gJwBAdrYqRYSnebG4JRwK6iKHdgs
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: RRgZBfwkTrxbd_FxU3QWrWsmA2tB5uqhvWVs9GH6EYeldGP9LFuinA==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5278 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 484076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 85 KB
22 KB 173ms
64ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5633628651220e156119765f4835157c82ed34669405146a2ee0eadf70ef2a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 05:05:46 GMT
expires: Mon, 03 Jul 2023 05:05:46 GMT
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CBA4 0
306 B 108ms
101ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstiYpI1Ph0XxASLdAH1S4dvM3dQo3l3r79fhjBFyeFr99uDHGMhPNaGXiuppb2hEUBt2hm1YduL29xjhIMd5Sf1dJsLxeKyJYtr9N-gnkPPQ30jydCoBo5ehCeXi6ivE9l_11bIOzQwJznSaKXwTX51XS3l-BsdtSTt9GP-p-PQgkXo2ieQoEDtKlW8c7FcQnrtVHjRSktVa1ggTeMouP6tXGkZNOuNvsnGPiL4-7cshN7BGThKdXcfnghWBc8L_JrR4J9iG0yMRE-EdyemAFKYeOB62WFJe_Sr7P7JHpJ-TF9ByIMS5y-MwAFDr6OA1qI2oV_t7-wx1k3kCYFa63aWFmItqg9PmjwQSVNZLILscS13dRNTF7WQJbrzY4mM38SOmopmQgSSHIlgoL5FWbllnJ5vhNpN2lb2LqJf5SCBwBKC_hgdEUMnoKEH_A24ycSiGP_ifTlSMn-XKpkFaAPAPgQhAaXSkmxbVhJOsYMui6CO-a83RF8rAi0Y8vdKkaF2KJRUIZ17qrg6XvHnAwwPSoiTDEx8Oq1_2-zatFLDttMKymfc6l9N9OGvauEXOIGhYFTwO2-_Dc2XOs1FdOfxX5oaBWxlkUTjtaDdgRSLorFcnSSp7c27hnA26QeK_MPRox_UDHpLKE3sVRHVEGNjezKNeiFXo-LUfyWwTHWvVhAv84cxf3oKiigEXOQSXaBlBTAHbqpDZmHz2Vgnc5AXPYhSyB-UlKK98u_HiLCKI8yt4XKV5jGnD4FHpC5fvIZj63KCzY3ttwWppO3lOntRHcvWKUPpR7NUFiPnwFUz-Fc4DjoSJqVzaGtC9TtkobFz5jSLbHZ023PexVxtfPE1rrf3YfCJlGWpyGTsOG_4y19OtzDw6QXBVPZidmeaSkpdcZO5VOHElCR8FSLf3wVPPREg5EIaUkrlaNzo3QjbOjKc_Wt3-f6vbco63kCLLMYz3a0q3ttTdTXiMAJyj7rVy_Vr51sUBXX9a6WryPck-A9HrBN63hGAME5Bh34LtFATYvxq-cSvS0VCt4URivRNeTsEu4ClNJmgVLyRz21q_61rd5SLPFcxgvX0wI8YgXF03ayrsw2uYz2_h-XV8ORiPo6-PmPMnqzbCrXNP-lvtTT6XdNBfTiybmmt0rxEGNSKHOZsI-En2opQeA&sai=AMfl-YRF3iyVoWHUqpP0z9b5Yt0APwA5BgYdsWTdV0nB2ILTQNPeVqb6YYkEiK3ncSKNq3SDtQjk1iE0HlLzhQ1dA4pX0X_JR4Hw1pVLQOM3tFqD2vcAOngA2KDpCS9c8qpvY8Sp&sig=Cg0ArKJSzEi7cCSTymuTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=314&cbvp=1&cstd=305&cisv=r20220629.01717&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 03 Jul 2022 05:05:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5278 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 17:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 17:53:58 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 60DD 118 KB
40 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Jul 2022 07:43:16 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame CBA4
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/991453/61757014/skeleton.js?ias_dspID=3&ias_campId=27076785&ias_pubId=pub-7943937342790223&ias_chanId=1&ias_placementId=16472294627&bidurl=https://goroh.pp.ua/...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

53ms
53ms

Script
application/javascript

2600:9000:2491:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Server: 2600:9000:2491:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
age: 11891264
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dNJBPI_uFVeFXur0rcyVBXikz8qSHxHjXr2s23EXIdL4o_ij98s0HQ==

Redirect headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 969C 80 KB
21 KB 58ms
57ms Script
application/javascript 2600:9000:2491:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 4134673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: 2Jwrvu2wIRPhDKzWA5k_EjKSKYtTtlMmxBe1FPTwejBRLf_iHxUUCA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5278 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMIGxqiPBYuemDoGS3gPp5oH4AQAAAAA4AeAEAg&bg=!sbKlsvbNAAaLlKKnq5Q7ACkAdvg8WvfpfFDv4X3iGNbXTaRoNCuQ6dofI7qx2JOCt_6Xuh8YxVzyQwIAAAB1UgAAAANoAQeZAr04r6ekFWr3hKcJrBiE2PGbGxSPcydf4DlF4r6e5i8smjFE0FUK2RU9wr2iyrAe-57iIVZ7J8GAuUSjVXYNU8KbjH6IRqwzkMeu2YSvcjlSD0eQFBkO-Eo7rWvDdPQMfLrOH9ngTrz-bW1kHsJGh82lgvDmnl6CfnHv6271hV23EMAuxelDMFe0uhZmU0q4O69rftYV9mmxuwuBlApjRIPuA3a6BFOOcAVCYhuKya3YYKCbKjg_QJ-GEoissFNLfdpYVT5XWLgRLq__KrqPR0_EQaS0CkHMfo4i_5HFqhAyDkUT1hL-WFf-D59kiWksCqzKykrYsRl5JyUTvRTI020zo1N6tPMB1iMf4yA3o7Dff5-QUvF-gv5HXOdFZSAMQyDrhj5Dq6efYEEYs5QUFO6lSgM61ts6K8yozFBbp4BPlQbZeDbLjmkovDhC_UG7S2JcV2NZoNeYKO_ej5qH-lIZjNRTAGzrBUwDTyJmvSrxGFouLNPsSVMs85NLg_ilUWkDcsqU2UWgAI2oTbevfQw6KfngugkNle2CxJXbL6jdCpSSoaiTGfOkdT-Bskikti7vvNVGDnYd_6BJ92JwnHfrDXjJkApq0xw7EBaQEm-HyqWZl8xaPX37AhdACAhUxL9CwQ9o8FoQ0ol9x1eAaPoQCc7XS-bYBvGseiXtRA9h32TrfiDjd_CqZTtMUEh5SVhY2OTIPHJ0SPNgZBmnqfueLp6jHBkItnrvHkLaQnMQosqHPHvtyqe83LqQvP6ovzGjfBlPb4AI1bBbAoIgVdYWG9EULIdWvcHhGStxusjlp90EMpRxjC750_5AJsdlVBlncBMPImG-H6-aFkWtmzVLOaIkIykmokUTiOinv6y32-bjJ3CElWNFIfZMTlmersUBaPOq6TjyucAXCnRE4acA3mGCLqXsTbZoOxVPDQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
215 B 428ms
130ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhahm,pingTime:-3,time:352,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:323%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:352,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
216 B 424ms
129ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhahn,pingTime:-6,time:353,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:353,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:goroh.pp.ua*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 26 KB
26 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05d1a7aecf16815df7b0dd4dcd2096f5a9cbd7c933b7831bea0178791c4c606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:33 GMT
x-content-type-options: nosniff
age: 538513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26388
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:33 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
215 B 408ms
130ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhahH,pingTime:-2,time:373,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1143,beZ:1145,mfA:1437,cmA:1439,inA:1439,inZ:1445,prA:1445,prZ:1451,si:1467,poA:1469,poZ:1488,cmZ:1488,mfZ:1488,loA:1496,loZ:1499,ltA:1516,ltZ:1516%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:323%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:47,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 60DD 7 KB
5 KB 185ms
69ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ba10f720520aa573099a434337d39db5cd4258f6ba54137a3fbdaf1e87ce13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Jul 2022 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5580
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CBA4 0
26 B 92ms
92ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstiYpI1Ph0XxASLdAH1S4dvM3dQo3l3r79fhjBFyeFr99uDHGMhPNaGXiuppb2hEUBt2hm1YduL29xjhIMd5Sf1dJsLxeKyJYtr9N-gnkPPQ30jydCoBo5ehCeXi6ivE9l_11bIOzQwJznSaKXwTX51XS3l-BsdtSTt9GP-p-PQgkXo2ieQoEDtKlW8c7FcQnrtVHjRSktVa1ggTeMouP6tXGkZNOuNvsnGPiL4-7cshN7BGThKdXcfnghWBc8L_JrR4J9iG0yMRE-EdyemAFKYeOB62WFJe_Sr7P7JHpJ-TF9ByIMS5y-MwAFDr6OA1qI2oV_t7-wx1k3kCYFa63aWFmItqg9PmjwQSVNZLILscS13dRNTF7WQJbrzY4mM38SOmopmQgSSHIlgoL5FWbllnJ5vhNpN2lb2LqJf5SCBwBKC_hgdEUMnoKEH_A24ycSiGP_ifTlSMn-XKpkFaAPAPgQhAaXSkmxbVhJOsYMui6CO-a83RF8rAi0Y8vdKkaF2KJRUIZ17qrg6XvHnAwwPSoiTDEx8Oq1_2-zatFLDttMKymfc6l9N9OGvauEXOIGhYFTwO2-_Dc2XOs1FdOfxX5oaBWxlkUTjtaDdgRSLorFcnSSp7c27hnA26QeK_MPRox_UDHpLKE3sVRHVEGNjezKNeiFXo-LUfyWwTHWvVhAv84cxf3oKiigEXOQSXaBlBTAHbqpDZmHz2Vgnc5AXPYhSyB-UlKK98u_HiLCKI8yt4XKV5jGnD4FHpC5fvIZj63KCzY3ttwWppO3lOntRHcvWKUPpR7NUFiPnwFUz-Fc4DjoSJqVzaGtC9TtkobFz5jSLbHZ023PexVxtfPE1rrf3YfCJlGWpyGTsOG_4y19OtzDw6QXBVPZidmeaSkpdcZO5VOHElCR8FSLf3wVPPREg5EIaUkrlaNzo3QjbOjKc_Wt3-f6vbco63kCLLMYz3a0q3ttTdTXiMAJyj7rVy_Vr51sUBXX9a6WryPck-A9HrBN63hGAME5Bh34LtFATYvxq-cSvS0VCt4URivRNeTsEu4ClNJmgVLyRz21q_61rd5SLPFcxgvX0wI8YgXF03ayrsw2uYz2_h-XV8ORiPo6-PmPMnqzbCrXNP-lvtTT6XdNBfTiybmmt0rxEGNSKHOZsI-En2opQeA&sai=AMfl-YRF3iyVoWHUqpP0z9b5Yt0APwA5BgYdsWTdV0nB2ILTQNPeVqb6YYkEiK3ncSKNq3SDtQjk1iE0HlLzhQ1dA4pX0X_JR4Hw1pVLQOM3tFqD2vcAOngA2KDpCS9c8qpvY8Sp&sig=Cg0ArKJSzEi7cCSTymuTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=695&vt=11&dtpt=381&dett=3&cstd=305&cisv=r20220629.01717&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Jul 2022 05:05:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
215 B 313ms
131ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhajf,time:469,type:e,im:%7Bpci:%7Btdr:130%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:469,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 60DD 17 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 05:05:47 GMT

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C27A 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 17:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 17:53:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
215 B 187ms
187ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhanh,pingTime:-10,time:719,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656824747314%7C%7Cc5d5fe05035bc003842eb7c963b49129%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C3adefb1d141be608a643678525552325%7C%7Ccdad66f03caf0cab8b4fe864ef1f2daa%7C%7C0a60a37136bef696c8cec0f115efaa75%7C%7Cede9c37661843fea353bd67080291aaa%7C%7Ce8d050e9f45262b9be3c0bc44add8a3e%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1656824745&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656824745107&bpp=3&bdt=379&idt=338&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2770590981051&frm=20&pv=1&ga_vid=1694383800.1656824745&ga_sid=1656824745&ga_hid=1317728200&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C31065741%2C31067527%2C31068288&oid=2&pvsid=1615479226856032&tmod=1504226401&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G5xvoplH8P&p=https%3A//goroh.pp.ua&dtd=345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 71ms
70ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b51e951223796febb4d1d39175b4c8e05e00729a18f402fc70f2b0131be8de1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 03 Jul 2022 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10741
x-xss-protection: 0

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 26 KB
26 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/poster.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05d1a7aecf16815df7b0dd4dcd2096f5a9cbd7c933b7831bea0178791c4c606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:33 GMT
x-content-type-options: nosniff
age: 538514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26388
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:33 GMT

GET
H3 200 play.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 893 B
920 B 65ms
65ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/play.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d986ce189291207358a7d6a742dc1a195412ef31296c0f5435cd123844bb97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 893
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 7 KB
7 KB 66ms
64ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/replay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f12d09bdc591e6a2347b198df39587f5f4d4466d9d70d862f837e3ee0316510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7088
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 pause_sm.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 5 KB
5 KB 84ms
82ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/pause_sm.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd3d9aef930859117df3aa9f5872babf077d42e96f48a4522057bece3a07952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4641
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 play_sm.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 6 KB
6 KB 87ms
86ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/play_sm.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae587124abe92df9a591137f5038db6cc7376af48559946185c4ffdbf5c27d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5864
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 audio_on.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 6 KB
6 KB 72ms
71ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/audio_on.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ae94e86d87a15c198fa602c598b20055462140a565cddcc465e65784ece262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6039
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 audio_off.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 7 KB
7 KB 77ms
76ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/audio_off.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb1ba6ef1dd91fd9eb48efb027f86039a6e32327f6eafba0073ad1c629f3f22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6689
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 7 KB
7 KB 91ms
90ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ba1b436700ec1d36ab8c86fe2669ae7c8e0642566f60c28807670e82764a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7589
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H3 200 finale.jpg
s0.2mdn.net/sadbundle/4301321408867970935/ Frame 60DD 93 KB
93 KB 98ms
97ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4301321408867970935/finale.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3852e8013f3d2871d4df9f93730fa4392dd75473c1fad39c54db8215cb6747ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 23:30:36 GMT
x-content-type-options: nosniff
age: 538511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94766
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:27:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 23:30:36 GMT

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-4g5lznl6.c.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame 60DD
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signatur...
https://r1---sn-4g5lznl6.c.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/acao,ctier,expire,id,ip,ipbits,itag,m...

795 KB
795 KB

227ms
54ms

Media
application/octet-stream

2a00:1450:4001:28::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznl6.c.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D51583494E1804058D2C3DABE7964FC3E289BAA.8001C560234CD09AD033B9CF2AFC8380BC51B218/key/cms1/cms_redirect/yes/mh/5Z/mip/2a01:4a0:2c::7/mm/42/mn/sn-4g5lznl6/ms/onc/mt/1656824430/mv/u/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:28::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

04eb75b3113db661ab5f89362bdf8cb0d73cddb9aaf9ad114b7a4d910f34bbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 05:05:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Mar 2022 10:26:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Content-Range: bytes 0-813843/813844
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 813844
Expires: Sun, 03 Jul 2022 05:05:48 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5lznl6.c.2mdn.net/videoplayback/id/93f492f6c76a3000/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688360746/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D51583494E1804058D2C3DABE7964FC3E289BAA.8001C560234CD09AD033B9CF2AFC8380BC51B218/key/cms1/cms_redirect/yes/mh/5Z/mip/2a01:4a0:2c::7/mm/42/mn/sn-4g5lznl6/ms/onc/mt/1656824430/mv/u/mvi/1/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 641
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 prod_studio_01_248_videomodule.js Show response
s0.2mdn.net/879366/ Frame 60DD 13 KB
5 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_248_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ff18e021c3d1a587eb9a6eab9d7299931b572849e07bb530e2c529bf7e99834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4301321408867970935/index.html?e=69&leftOffset=0&topOffset=0&c=R1VmvUdW3F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 08:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4993
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Jul 2022 08:23:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBA4 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzrcO0UW9BLCnyEMhv-Na_laPTupcq-38tBuDpEpRcFz43g1SjCziwGCoWa47zzH9qwDxK5jA1VXt1Yx6FlzmlRigERNmT1Ch4nd5pudZh8W_QyDu_JZV7WRz_MuUuy7E54sKbeg&sai=AMfl-YRJrIH9-RFQFolE20nHZlK35Dtgf_2KtF09L0aIyVp6CVQQEMG0Jaef-LeVQC2pRsDL5ZUaEodyZHhf&sig=Cg0ArKJSzJJmjFFtbgBGEAE&cid=CAASBORog4I&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1954673715&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656824745453&rpt=1411&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 05:05:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20E1 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 16166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 00:36:22 GMT
expires: Mon, 03 Jul 2023 00:36:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96DA 783 B
1 KB 179ms
64ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55e5a8545ee394517b6b1464e6e93fbff727da5aeb94ed5c36562a40d0425b36

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EVEP8dJaWa_iX5IwjI3ibg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EVEP8dJaWa_iX5IwjI3ibg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 05:05:48 GMT
expires: Sun, 03 Jul 2022 05:05:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 20E1 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 17:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 17:53:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 20E1 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d_AwiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:05:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 96DA 0
0 103ms
103ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1615479226856032&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMI56PRk_nb-AIVAYl3Ch1pcwAfEAAYACD7n8JQQhMI17iqk_nb-AIVt1wVCB259QV6;met=1;&timestamp=1656824748357;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame CBA4 42 B
494 B 213ms
90ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI56PRk_nb-AIVAYl3Ch1pcwAfEAAYACD7n8JQQhMI17iqk_nb-AIVt1wVCB259QV6;met=1;&timestamp=1656824748357;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
107ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1615479226856032&bg=!FxSlFFDNAAaLlKKnq5Q7ACkAdvg8WsR7v61tFOGYnBtEZ7g0F4X_joV1uqMf4l79Pz0C3kxIoWhrFQIAAABlUgAAAAJoAQeZAo5kwuGuSjnBAcCJZlfly4D1IBuoR9GwEHTAuZRYSTOjG7j9vD4fLrVoHVbTRqeZi2lSQAmKg27g6iw3MHdQlvZSHRPFNLMTK6TswJnkNo8Xi_Vw628Q3OKMoAI313flRfSOJxSA2JyAdx8oOf0f4db-tVbmRASiJsynlZ4Q1yYLWwinew-3M3P7TKRDZudWpOhUnyZJl4M8Y3mWtMHFKSMM30Ebq_IuB6AlSYWz2giV0GpU8uLf2ByWJwgS-yQINsDVqfQ_vAWgXiESrXuH_WwExsQSoRW8nhaNLvrY-i5PNMiQC3c-Qs1WzJaSO4MCQWguSa13juGRUGB7-gUfKQSFpUHP-IoGJ4XtU0z3apRQSVsqUZqOyzYfJGc9MpiEQlLcv5Yq60S243f4PADTabI5Gj7-VhW5FJMEmONGgSquZLqQHj310JzvT_3XI0j9EPH8Pyn9Ao-W7UpV2dXnDbTzF24FcUL3bDEhlVcGoH935vAnEtE9UZ3Mi4aF7_M4Jbo9hhD1G3ZaokN-1sTj2R2nokxhONKtJPNCOV5DsnWrtEIL9rwZwPz9QqI-uJHTsk_cyTGgG7W6-L8GCKqfWrXxru-vMuoiJEAEmdRVC26SVP2B0RGfLV8yyyAcr5EWWW9xBwcPl1NJHuyjWURWNNNcomGxYIZIeZnJyoHCEmDUWgKegJpNZOr1YfIHXtpwsZ2GUrTls0c7OWQTT-lNC4tmRXuIoKuLOn1N7QSXyIJcgxRTnUIuVOzOK2mZUq-WwQy_O4D2mLsnWf109yKTHsVSZ7OSZj3kY2Tv2n1LLiwjxRdn6RuDZWNpdSTc4hKJVoOij9XHJ45afAFViM7y-9gzrv5eWYAzxsOaOVAhKLI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
215 B 131ms
130ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhaNY,pingTime:1,time:2374,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:323%7D,%7Bpiv:100,vs:i,r:,t:1373%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1074~0,0~100%5D,as:%5B1074~300.600%5D%7D%7D,%7Bsl:i,t:1373,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:190,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:49 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CBA4 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=1a057c9f-1621-1316-1161-27969a51e51b&tv=%7Bc:hhhaNY,pingTime:1,time:2374,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:323%7D,%7Bpiv:100,vs:i,r:,t:1373%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1074~0,0~100%5D,as:%5B1074~300.600%5D%7D%7D,%7Bsl:i,t:1373,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:190,fm:tauTMXO+11%7C12%7C13%7C14*.991453-61757014%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:62f7:8e70:f2ce:1785 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 05:05:49 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goroh.pp.ua/	1970-01-20 21:44:56	Name: _ga Value: GA1.3.1694383800.1656824745
.goroh.pp.ua/	1970-01-20 04:15:11	Name: _gid Value: GA1.3.1324433251.1656824745
.goroh.pp.ua/	1970-01-20 04:13:44	Name: _gat_gtag_UA_145685605_1 Value: 1
.goroh.pp.ua/	1970-01-20 13:35:20	Name: __gads Value: ID=7cd3cce94bc61f73-2213d8adc3cd00a4:T=1656824745:RT=1656824745:S=ALNI_Mb4Ark1-AbSOoCb3zqP0ge7lkPPEg
.doubleclick.net/	1970-01-20 13:35:20	Name: IDE Value: AHWqTUlSNHhpvg6VtVtjdUbGVUE7gjKLtTPFM_DhF-1rPiIwNv1mUgcpVMjZ8FQSaiE
.casalemedia.com/	1970-01-20 12:59:20	Name: CMID Value: YsEjqlXotSmFcl2ngsoRXQAA
.casalemedia.com/	1970-01-20 06:23:20	Name: CMPS Value: 5093
.casalemedia.com/	1970-01-20 06:23:20	Name: CMPRO Value: 5093
.adnxs.com/	1970-01-20 06:23:20	Name: uuid2 Value: 6847201113030727800
.adnxs.com/	1970-01-20 06:23:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>w^F29!1yIE`fS1ueD1W-044)d+]Ue.rzsOcGQM-gr`W/op(4qMpf:p1Fw+cg??-eP(hw9P-HC_#u#Vd)VFe_
.casalemedia.com/	1970-01-20 06:23:20	Name: CMTS Value: 205

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://goroh.pp.ua/(Line 165) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.co.uk
adservice.google.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
goroh.pp.ua
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-4g5lznl6.c.2mdn.net
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.18.126
142.250.185.98
172.217.18.2
185.33.221.15
2001:4860:4802:36::178
2600:1f18:1aca:4281:62f7:8e70:f2ce:1785
2600:9000:2491:ca00:8:48e:53c0:93a1
2a00:1450:4001:28::6
2a00:1450:4001:801::2004
2a00:1450:4001:802::2006
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
54.246.186.77
0114138e4ac4c4ee867476afc278c243696da522fab0a34776d7d68ca07e3c2c
01ba10f720520aa573099a434337d39db5cd4258f6ba54137a3fbdaf1e87ce13
04eb75b3113db661ab5f89362bdf8cb0d73cddb9aaf9ad114b7a4d910f34bbec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7110dd63ccd4951c07280944478233d13db3547c7c309094338fb76f0e6498
0ff18e021c3d1a587eb9a6eab9d7299931b572849e07bb530e2c529bf7e99834
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1d986ce189291207358a7d6a742dc1a195412ef31296c0f5435cd123844bb97a
1f12d09bdc591e6a2347b198df39587f5f4d4466d9d70d862f837e3ee0316510
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
32a1873e03567492d5bc422049a61826bbb464bc1a1e9b71d32b2f0fccdcf651
3852e8013f3d2871d4df9f93730fa4392dd75473c1fad39c54db8215cb6747ac
3a009d03a153a7c53a2425e4f47c0dc942e99236862c57ad76c1c097a3539715
46ae94e86d87a15c198fa602c598b20055462140a565cddcc465e65784ece262
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e5a8545ee394517b6b1464e6e93fbff727da5aeb94ed5c36562a40d0425b36
5633628651220e156119765f4835157c82ed34669405146a2ee0eadf70ef2a9a
606c69054e2679bdf3cf4bc894d30e669850e8e3585a9db430ea688a2f1645e2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7012eca79c241b0bf156338d10cf0dcfe02343f9249bacdfd497be6d5c5449d5
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
78ee6a1e01d6577d1d16b8d2b3dfd3b5287253ca2e864ba2bad1597f04d930da
8274241d349ddf1c066a4cfc905ad49b5dfc9176b174fb5863e6ae007e0ca949
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
89ba1b436700ec1d36ab8c86fe2669ae7c8e0642566f60c28807670e82764a5d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e25a7ebbcf537830969b489dcba0de5673664550ce3516feb6f48faa1b0228
9e922a63216b81f8eaf1a82bedb7f2eb5c88140d74eacd78e10c609422c05d27
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a704058593912a150b331f58ff19eae7a100383cc647f6f88d1098c8dc928d8c
aca3e0e1ee0b3f5ea6b4e61b81e54f9e9b9a1461b769d669e57718becb54ea69
ae587124abe92df9a591137f5038db6cc7376af48559946185c4ffdbf5c27d5f
aede6403a593039d4b953c0ac49479c3f52764195002d34daa36fd0844e4d675
af90c8459ca54a7866e3d0d36769c7f3aa4061cfeca7ba23db3a3a6eb13fbaf3
b05d1a7aecf16815df7b0dd4dcd2096f5a9cbd7c933b7831bea0178791c4c606
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51e951223796febb4d1d39175b4c8e05e00729a18f402fc70f2b0131be8de1d
b6f5e59627b28dffa37fce186367a7df4b6d99943597b878f8c2e5474eabcc96
bbd3d9aef930859117df3aa9f5872babf077d42e96f48a4522057bece3a07952
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
d547bcf0f8bf51c3c8c5c0d3561306f9d79e31f5ac232788738b72508ed26e0e
d7bd1293a93d09a8681da4ca4ab477b048394157c193b9c4fa95c5371480aff4
d86dc05b5341818e644c1c2b35df377c8046f482bb91c0c9d96fa2b4717825f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1ba6ef1dd91fd9eb48efb027f86039a6e32327f6eafba0073ad1c629f3f22e
ebe0d4c743f1c0ba919c063fc761c360671eeac4f18d256533ef4974465397c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

goroh.pp.ua Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

92 %HTTPS

79 %IPv6

16 Domains

26 Subdomains

24 IPs

6 Countries

1754 kBTransfer

3033 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goroh.pp.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

92 %
HTTPS

79 %
IPv6

16
Domains

26
Subdomains

24
IPs

6
Countries

1754 kB
Transfer

3033 kB
Size

11
Cookies

79 HTTP transactions
3 data transactions