www.oferlo.com.ua Open in urlscan Pro
77.91.72.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.oferlo.com.ua/
Submission: On August 15 via api (August 15th 2023, 12:27:43 pm UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 40 IPs in 13 countries across 34 domains to perform 226 HTTP transactions. The main IP is 77.91.72.156, located in Budapest, Hungary and belongs to STARK-INDUSTRIES, GB. The main domain is www.oferlo.com.ua.
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.

This is the only time www.oferlo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	77.91.72.156 77.91.72.156	44477 (STARK-IND...) (STARK-INDUSTRIES)
35	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
41	2606:4700:20:... 2606:4700:20::681a:264	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2800:3f0:4004... 2800:3f0:4004:805::2003	15169 (GOOGLE) (GOOGLE)
3	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
8 24	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
2 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.19.57.61 52.19.57.61	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:13::6	15169 (GOOGLE) (GOOGLE)
2 4	52.213.146.58 52.213.146.58	16509 (AMAZON-02) (AMAZON-02)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:9000:26d... 2600:9000:26da:1600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2600:1f18:1ac... 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	3.127.113.75 3.127.113.75	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
226	40

17 77.91.72.156 (Budapest, Hungary)

ASN44477 (STARK-INDUSTRIES, GB)
PTR: pop-europe-middle.hyperia.sk

www.oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:20::681a:264 (United States)

ASN13335 (CLOUDFLARENET, US)

eu.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2800:3f0:4004:805::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.16.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.84 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.57.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-57-61.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:13::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lzned.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.146.58 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-146-58.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.90 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.113.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-113-75.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	518 KB
43	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 bid.g.doubleclick.net — Cisco Umbrella Rank: 842 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366	167 KB
41	leafletscdns.com eu.leafletscdns.com — Cisco Umbrella Rank: 580811	92 KB
17	adsafeprotected.com 2 redirects unified.adsafeprotected.com — Cisco Umbrella Rank: 1728 fw.adsafeprotected.com — Cisco Umbrella Rank: 974 static.adsafeprotected.com — Cisco Umbrella Rank: 644 dt.adsafeprotected.com — Cisco Umbrella Rank: 585	356 KB
17	oferlo.com.ua www.oferlo.com.ua	196 KB
13	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1258 r1---sn-4g5lzned.c.2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 318	944 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	46 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	5 KB
7	google.com accounts.google.com — Cisco Umbrella Rank: 51 region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3	77 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 221	5 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 520	134 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 604	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	793 B
3	google.de www.google.de — Cisco Umbrella Rank: 5933	669 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 374	13 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4741	647 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 818	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	113 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1405	451 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 812	676 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8932	918 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 841 s.tribalfusion.com — Cisco Umbrella Rank: 1914	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 921 r.turn.com — Cisco Umbrella Rank: 3853	869 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	134 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	158 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2178	174 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	731 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	146 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44105	609 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216	606 B
226	34

	Domain	Requested by
41	eu.leafletscdns.com	www.oferlo.com.ua
35	pagead2.googlesyndication.com	www.oferlo.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com
24	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net www.oferlo.com.ua
17	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
17	www.oferlo.com.ua	www.oferlo.com.ua
10	s0.2mdn.net	www.oferlo.com.ua s0.2mdn.net googleads.g.doubleclick.net
10	dt.adsafeprotected.com	googleads.g.doubleclick.net www.oferlo.com.ua
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	csi.gstatic.com	imasdk.googleapis.com
5	www.google.com	www.oferlo.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com
4	googleads4.g.doubleclick.net	www.oferlo.com.ua
4	fw.adsafeprotected.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	c1.adform.net	3 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net
3	bid.g.doubleclick.net	imasdk.googleapis.com googleads.g.doubleclick.net
3	www.google.de	www.oferlo.com.ua
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.oferlo.com.ua
3	fonts.googleapis.com	www.oferlo.com.ua googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	um.simpli.fi	2 redirects
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	r1---sn-4g5lzned.c.2mdn.net	www.oferlo.com.ua
2	sync.teads.tv	1 redirects www.oferlo.com.ua
2	onetag-sys.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.facebook.com	www.oferlo.com.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.oferlo.com.ua connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.oferlo.com.ua www.googletagmanager.com
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	unified.adsafeprotected.com	imasdk.googleapis.com
1	s.tribalfusion.com	www.oferlo.com.ua
1	a.tribalfusion.com	1 redirects
1	r.turn.com	www.oferlo.com.ua
1	ad.turn.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	accounts.google.com	www.oferlo.com.ua
226	50

This site contains links to these domains. Also see Links.

Domain
b2b.kimbino.green
www.oferlo.ae
www.broshurko.bg
www.fylladiomat.gr
www.letkomat.hr
www.oferlo.id
www.oferlo.in
www.saishinchirashi.jp
www.oferlo.kr
www.catalomat.ro
www.letakonosa.si
www.kataloglar.com.tr
d34seexzbffcio.cloudfront.net

Subject Issuer	Validity	Valid
oferlo.com.ua R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-04` - `2024-08-02`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-13` - `2023-11-15`	9 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-07-25` - `2023-10-03`	2 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.oferlo.com.ua/
Frame ID: 4B01CA9404D3D0AF14BA1156D51C4F40
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: 695E935CD6D352B7C1B6282C4DAE2634
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1692095258&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&easppi=1&asiscm=1&aslmt=0.4&asamt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458197&bpp=8&bdt=163&idt=175&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2708358061136&frm=20&pv=2&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=199
Frame ID: 134551CE5B906CE16F320E6D4603EA6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Frame ID: EE9549551B10BDE18E024C562627A522
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Frame ID: 104D47E9C22C5522B3CB2C734ADADD99
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7557B154A32386F414F55B77D6E338A0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js
Frame ID: 944CF17952084A533B7BC1A898BC620B
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B2B99C14D798CFBBE9357E2A28F16F2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1A59E627B5167387D8A67545DC6054A3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARj54tzgATAB&v=APEucNX7EX-B-HdtFqM7vptwCr5ufV-FWo9d0lsIHFZkLSnthldsQvHAgF5tVd737gDjDC6md5t6b2Hk8yn9gYVtD6h6suK4Bl9LXBNrZFW6tRvPVxOWjrJBA-KcYFgAkz3pVZj4e4h0DjwTyuTOtRKDAXWXEONGkn4QNumVACLSwU1qLUR-DKY
Frame ID: F34372D349F54A5F25E7FD78871D482A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 12EAEF930576DC8FA8E04752A9F65784
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9A55EE691DF4FFEEA23BD206D0E3619
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8B2E765FE24C9A438ED5DE995506EE44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNW5q5Lxl8vK0tmsVNWOxMW-ETYDOeFqHpR0pSrsJQayohHRwLH9zJKjnIIncXnBM5eqPR9l_h5_aXArgXKRh4tlWD3oMhnYKlfobKLw2qXEuqqxQ6sOi9pZOnBv4Z1pJpF5p_oPf-mdh-HbOLkrGLswAfifssfADtsgjYtDdx1wuzXy8CY
Frame ID: 931C40A8213FE8ED51D2AE2DB83EC57F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 757CF636B583EE837E613FD7DD769A35
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250
Frame ID: A889F5FC4408B52EB2A538B85F7FB2DD
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D53E296077C10959458500DEFC7630E8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 52820262D7656088D6EEB884886BC90D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08B1CC0635510B4CBFDE52EDA04353F4
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
Frame ID: 99FD8460A22311DC4AC5B2C595B02E44
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34DE25034B4B79C53F18F103A90413A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34E08ECA885278B03BF11B14F999C10A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Останні акції, каталоги та знижки | OFERLO

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

226
Requests

89 %
HTTPS

55 %
IPv6

34
Domains

50
Subdomains

40
IPs

13
Countries

3042 kB
Transfer

6818 kB
Size

33
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://b2b.kimbino.green/
Title: Для партнерів

Search URL Search Domain Scan URL

URL: https://www.oferlo.ae/
Title: United Arab Emirates

Search URL Search Domain Scan URL

URL: https://www.broshurko.bg/
Title: България

Search URL Search Domain Scan URL

URL: https://www.fylladiomat.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www.letkomat.hr/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www.oferlo.id/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www.oferlo.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.saishinchirashi.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.oferlo.kr/
Title: 한국

Search URL Search Domain Scan URL

URL: https://www.catalomat.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.letakonosa.si/
Title: Slovenija

Search URL Search Domain Scan URL

URL: https://www.kataloglar.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: Умови використання сайту

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/f99397dcc5231c8fb6021fd90ae44dd0642d143f9d072.pdf
Title: Обробка персональних даних

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENzTuTmaMxw9pJ3xiSK1ZbY&google_cver=1&google_push=AXcoOmT5RnMG-ctluAf9ccWHcxd5Z6ND7FjnbhTuGuF5daStVG6bVjIFnQqxMCpf53tgFSTtIG1yYnCaw9dC4agsyXFlV276SwTsahc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY3ODI2NTI0NTg2MzU4MDE1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENzTuTmaMxw9pJ3xiSK1ZbY&google_cver=1

Request Chain 72

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2KO-WcOkoSysITRQ23L6Y&google_cver=1&google_push=AXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2KO-WcOkoSysITRQ23L6Y&google_cver=1&google_push=AXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 74

https://ads.travelaudience.com/google_pixel?google_gid=CAESELuAB1fD7JoO98HY_pqdkgI&google_cver=1&google_push=AXcoOmS7M6dd8pFU4AZa--vkL9t6_Smoowa0YQ8nnMZqRgL7B8D-QLstXC1BSASXVNRnW4aE7YFp9Jk4XkXweCU4EiC2OsLiUoWWP4o HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmS7M6dd8pFU4AZa--vkL9t6_Smoowa0YQ8nnMZqRgL7B8D-QLstXC1BSASXVNRnW4aE7YFp9Jk4XkXweCU4EiC2OsLiUoWWP4o

Request Chain 75

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOv23l94Z64xmTKp4Vo-POQ&google_cver=1&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ4oNM1INoBcq2TL4iblVSh3Ss0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOv23l94Z64xmTKp4Vo-POQ&google_cver=1&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ4oNM1INoBcq2TL4iblVSh3Ss0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ4oNM1INoBcq2TL4iblVSh3Ss0

Request Chain 76

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELoztVPYixMhLcKd59Roano&google_cver=1&google_push=AXcoOmTyYCCeJWu1NWL3xsz-KR45PPzNHQbDOVYp_1nzLWMvVoEs4Sh8Y3klFlJ1MYExlvBAKSAgvxAMK3kHAhqQ__XyW8iyYURtjxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTyYCCeJWu1NWL3xsz-KR45PPzNHQbDOVYp_1nzLWMvVoEs4Sh8Y3klFlJ1MYExlvBAKSAgvxAMK3kHAhqQ__XyW8iyYURtjxw

Request Chain 77

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFP4SbyDF2f3yx39nE-GiZU&google_cver=1&google_push=AXcoOmTOpsP4lO_O8lPVTAOqm6bTiH5RMwCpdNarscw-B1Fx2ZLswOdhHldGH6JM5uZzY0O8PJvhQV6YrV9b-tuMZ9mQ39K6Uu7dpafd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTOpsP4lO_O8lPVTAOqm6bTiH5RMwCpdNarscw-B1Fx2ZLswOdhHldGH6JM5uZzY0O8PJvhQV6YrV9b-tuMZ9mQ39K6Uu7dpafd HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 83

https://gcdn.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/159381E7315D1C9D9B4000885A774696D56270A8.35C0DA70919C10E3E0BBE558E8F6C64647D373A4/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lzned.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1253A66343924EB67784D2EAB1A2F7717F3A18BB.72E422F42B3F62213F0784947D4F52E1F059BBA7/key/cms1/cms_redirect/yes/mh/NA/mip/2a02:6ea0:c71b:0:1012:38e6:84da:afcf/mm/42/mn/sn-4g5lzned/ms/onc/mt/1692102061/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1&C=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtvPMUz3mWLpG-fdJL3AgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELdRbt88PRJpNzAnOPVG-90&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELdRbt88PRJpNzAnOPVG-90%26google_cver%3D1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D

Request Chain 143

https://fw.adsafeprotected.com/rfw/bgd/1135760/69474494/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4UE9OSA9hH4jC5CyBW2KldR98Mhazm1SGHodKVZvlPGKhg6EG-OMGSigZGy0JtDOBjfgBgSK4vuAiL_YAw315PwNLmuJQptOmYlESiRcAoCZ_4EOLGljneM17iRZP1_kBBNo4nKn4O_hZ-TQYg_WdLkmPM7kEvE_GhKluAyNKZNUElYjZJSTa11P7kyzw_uhBL79c7OCNLxg5fNAlGpSLUVhTWTBMbpb6Xki-LWQFGvE-xBGvF9yXitytBGk8kce38n6r89lbqdxwrqnK3XNRZ5jPjGQHwIMP5DXtBsyVDkri_QNOyL3yjBmBlFPfFvQJBHkbjbYJX5LDnRntl_0RLknLtVJLK3aUJiZCqMCV2CuwhgNspJucNbJU_D-k7MAxXzAQ3fHPjoRTINsiiYqy9ybE2SoyLoIEh_sRXI_QhDaryth2nRRyh45rRtHgptOoQ2nCUGryi-hvh3Yt6y6nZu92cxYKpxBIvZeu0QpajE3hwr9quGuzbH-GH8NaQnKNMppkHm7V9uwWFlOntNQW8NXw4-FGV-wP9XNpe0XqqbuEN1RwLDPz1Mc2ekNMAN7vD6FB_hYp-eHOcizaDp_YY-a0kuOgpeOQbscUyh-Atkb1Sj7Q648thQoHTKcaKDHCMUe4Fzj0xMJNjIVv1Pj__tF_QoFYblEKMT91t0R1_hwGCgPNaf8JBPJ030LnK2PZCMZQV10H9IM15haetYveNT7VUf04ayC1JUScmRaydm6I2_o_VSPs1-Ucd8IygnYwI_aV8q6rUbGKCSLuwfBzKI3eG5urJzpihU9RwVX_eVlMINejS--CTiRQyxD0ZI9DGFSw7KGBBKwr6b8OxxGL1CBJrMrsmkZK7sGEpRV1nfVRRQxPvM-a01pYvx179CT3x8duQn6Zad58ED_all-Eouxkyl79pmskWDApBRHxoL8EAOMD6_SP6308XGJsutggwiee4SXqd7Cs8afSmfX7mhvsNoFw621MxwuMdCu2icG_be1IXN6vczKgsZ5172_TsdHQJa4znosAj1teZ9BKH_oalxryU_WAOCJeBkFLbOF1WsvF4P9ujlWUCIs4xE1qIXQ5-hW0gm4cQ2qSZj8Meom8m80EHnI9mb0VT0W8yxfUySaMm5LcTCmIgzQzcUD3tC5tOJpisL_RWauLsStmY1hF6Paoq0ReNLXr0rvCLCEyl3umi6KhtgFY1AcY4TAm_NSrNNYgjUYBzzUDL7LRRe0jSN0pMFabuZtRboELCzxz1gS4WER0ljGXo6850lJGiA31yvCiUgT-85ZhC0BykmyNP2tgEdmTSYAiAZplHMl0OmfwAJF8FKA9tFPHW5jSeIYCar4ueBT7-yj-N6zXh2k_hivlde6e1SJSLj22AasURde9X_FXEUxQlr_hZyfqZrCTtRMU1vLtkBNObeguTDgwYFoAR2OrLLuUN-1nr4FpwUB7TJt686BXGY5WIdXmKwjpK7xr3YlLpc6LV-kOS4BdQ3tty6HEVPPVVYikrO17n5NHl5Kmk0W-pKjZzVpqV9d6WbBVIbhR9hOd10O_AWGcBSyu28QOxjboikHHL78rAPR9bNlq_RG1Ox2FvniUo4KncItCbBbk4JsL7ipDuR4XM9eg5zAoVFRvbuB2c1RgfKKRP4ghOWRsYOdKCjMWVp_z0KqvGv86vCQnpfPJu3_9Gx8CrMRTSlanbxZCs3AvPyEfqZmV2uawxZ2zDGkofRh_1GkcQWworuEXKJZMatS5BdXH1iEL8F-yp5sfFFF3rbWq98XadtCqtDgwW64j7MyYZ8Dtb-d46k9RtEkw7n_4FtK27h6ty2dbzusWG6FFnGrcmcg4lykeNB3r7tP8zapvh2S4jfOZTXdRoYYWUKwBjBYl8wNV3HE7YZAaCEPG29AawlQxB-ONESTWETr8CV8_n_TLQDApGQGEOl5GPqqz8SThhc4_VB-EZ8Kr4cpvzh7eF7iYzxGJzQRzLY_G1_5e0iTK0zl4SbkPVzNTz1gWQdmb5NH8DEAGnzXVfd7hzC5WuhzxjmcETkzIgFsHh3HYxxmHJIkDDMYBeVOZU3vQ3Axvn7qi-vTiZ-uGCfCLneTFRT9cMtneFXQMQX-H8cE0bKk_1K65jCgomZyzD1soBzehvv6cn_XTUPu48hrLmorfpFbOvelrFEgGa2Ai-qVreLgeqDySapMQMDoF1eDLTlqsB-2kkvo8PAcZRxJpNVV1MF07iJUcWYE0Ur-In04banjDbPf6wXLa8HsMvjHCuxPmIbg7u4LiiYkV7h4z-4DELD_GBYBPFxw_6qfGBnclMZPFIcTMdfN_o8WOa-_LJ_SLymoE_D_1ANivzHmgDdt1quwcth3quTFSW_p_bk8P3Yp6EfIqPCJz_OT9qgPfLXQjrbNhbM0lGZM00n1XyM20_-PB5ti8lBc3orXCZSgbfKfRtn2c-978rHQm2ZfNPYKGwjyLuqMCMaB5TpidMb2sJHrLaK3z2DZ_xu4o7kOctIEp8tTyF0Mb_pW6KuCfqwNH-TE8lwPfVQi3DujHSF_h91jHaUkWqNqPTS35UTDXWcnrHnlcginq41RwFkKVt9NcjtKDGFtsdLrwAAU4uFVzeRx3SH9JB15ZgYemVm62XdLJcV4vRu6_8XebrZPr70-zDDYxc7mny4cS4DWItmfYXhl3xDEYX_cEt4JDoYWFydLABGXNBuWJNcDsXEXbJFPHHzmQpFQBEWVBwUBdQSP6_uyHxDconQs0PNVqQb8qRIkgc0OXhiSWKlSoBmhvmr94mnbS-uA_QpKY-IH0KPE5PtJlbt4OCjNRa5KaJLiaUuMK7zlbWClOOeX8lMS36ukLVo6X1Nc3KXGw6D8kWPb7rHYMyJalZ_etP16HvAjCeuDWaQVwYVAFbonXDrCLV2I8qJ5A3e87tN7eRO3vPWsn2Pezn2hew_6GrVDwNpHe703AvbQTr7i5PWFdrz7Gr8nQLT8dIPS3raILZotQRNlF0kdOK1mDv5qB-4QRSSXF-UhwwfXa-KnZiUbwVW3Bng9WJUTao5gyUIdlcMEi7ukncbXG4Sq7KZkbU38NS2wYvHrbjem3wT_xra91P37rGPFrEx9ior-ahEEPsxpGOh0uh0jGjHv-lxZ_9EvTqWhOJ3EAuSt-xXApqpO5Cg635gQe7WAqILSRX5fih1PVXGqE1FvrWeGoYpBee9iAr1tdEcyHZ1FPmUYicu6JkskjtlHxbTYgWo6zUI9lohF6R3kxEeEyNBDDcZz6GZAfQbvLVahH3vNuQBVx5vL5ExmiVllpUbbDwRaWa1u3l7SSNqnqnQ4jRGEQ9TIpsmPO7SZj0U2xf-yGdhDNh7m3xXk6bmWv90xu8YILvNSjq5DUJDxf1cwUpDEgGjom0EB-FPzMz06FXg7kGNET_OpDdws5MuX3cKsa0zrWue-5XIE1SV-lPKbQCEC-GcvIBGqEea-gw6KV1Eej5bgmZ1w1vcKU9Dt0PwcK4__CNT7ercu8xpRTXLYlssz3qZSp4b8l07rqmOTDyMnNI-Kd1-e7W7K8dw94MxZj0CaEDVD1x7C0jtZS_vTG81F6nuTdn64SoS1sLi2b_wGGCr69uD4w9ZFo48kWYCVZvHJmI4vbPUMHQCyDktOuutN7DdrrpHYOTTcJbg_M0wTLZNcaWpZg6jV2Q3cCeZKFJPdYSUxqU9AUIbwS6XM2-sdSFJb1zy8WNgVl-s5fejJdZhR_kBKY-unjcFVKhr3S_NLnKncB6RNNJDf7vXCN3QEwPG-a5AaJ1OobQqWvMJyzyvPronLx0-bcZR16-guUV1ffO3t0XU222yavsRJFds5_6JgsGqQ1VGbQvjKLuYoalVXcURMEFp6z6i1G-gTMr2UwylNolKjzs__1u-GORYlbIKn_JEHvlNBcwECo-rbFt5eOMGidBnOiSHEbS440j-QwcAMhi4012vLJqptULFbErfS996MPw9RfPhTfn7rB40oVqyG9cFDLYTBqiCTmSrKrkvdwObxmrHX6gt1PSMvGxPhyEkCYI8HQ_W5QGi8IBBIpAGkCUlYHgf8MJt_YwLCFpukKTWWREqaLxKEqm-HdRJ_n_C21AcnMH3EYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=20253320828&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h7NYaFMOVehTFQ1YWRGiD1&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1447540957213601%26output%3Dhtml%26h%3D600%26slotname%3D1893062441%26adk%3D3122728471%26adf%3D3220986866%26pi%3Dt.ma~as.1893062441%26w%3D170%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1692095258%26rafmt%3D1%26format%3D170x600%26url%3Dhttps%253A%252F%252Fwww.oferlo.com.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1692102458205%26bpp%3D7%26bdt%3D171%26idt%3D242%26shv%3Dr20230810%26mjsv%3Dm202308090102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2708358061136%26frm%3D20%26pv%3D1%26ga_vid%3D902450206.1692102458%26ga_sid%3D1692102458%26ga_hid%3D1258383018%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D55%26ady%3D167%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077018%252C44799955%26oid%3D2%26pvsid%3D4424351942008326%26tmod%3D559232684%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D3GRX8ke5s0%26p%3Dhttps%253A%2F%2Fwww.oferlo.com.ua%26dtd%3D247&adsafe_type=bed&adsafe_jsinfo=,id:99823bb9-7c04-019f-1262-a025d8444f59,c:lmK7xP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f9f8cb9c9-f6kvk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tN0lu0l+11%7C12%7C131*.1135760-69474494%7C1311%7C1312%7C14%7C1511%7C1512%7C1513,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:2083c27c-3b67-11ee-b89d-fa47611d367f,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4UE9OSA9hH4jC5CyBW2KldR98Mhazm1SGHodKVZvlPGKhg6EG-OMGSigZGy0JtDOBjfgBgSK4vuAiL_YAw315PwNLmuJQptOmYlESiRcAoCZ_4EOLGljneM17iRZP1_kBBNo4nKn4O_hZ-TQYg_WdLkmPM7kEvE_GhKluAyNKZNUElYjZJSTa11P7kyzw_uhBL79c7OCNLxg5fNAlGpSLUVhTWTBMbpb6Xki-LWQFGvE-xBGvF9yXitytBGk8kce38n6r89lbqdxwrqnK3XNRZ5jPjGQHwIMP5DXtBsyVDkri_QNOyL3yjBmBlFPfFvQJBHkbjbYJX5LDnRntl_0RLknLtVJLK3aUJiZCqMCV2CuwhgNspJucNbJU_D-k7MAxXzAQ3fHPjoRTINsiiYqy9ybE2SoyLoIEh_sRXI_QhDaryth2nRRyh45rRtHgptOoQ2nCUGryi-hvh3Yt6y6nZu92cxYKpxBIvZeu0QpajE3hwr9quGuzbH-GH8NaQnKNMppkHm7V9uwWFlOntNQW8NXw4-FGV-wP9XNpe0XqqbuEN1RwLDPz1Mc2ekNMAN7vD6FB_hYp-eHOcizaDp_YY-a0kuOgpeOQbscUyh-Atkb1Sj7Q648thQoHTKcaKDHCMUe4Fzj0xMJNjIVv1Pj__tF_QoFYblEKMT91t0R1_hwGCgPNaf8JBPJ030LnK2PZCMZQV10H9IM15haetYveNT7VUf04ayC1JUScmRaydm6I2_o_VSPs1-Ucd8IygnYwI_aV8q6rUbGKCSLuwfBzKI3eG5urJzpihU9RwVX_eVlMINejS--CTiRQyxD0ZI9DGFSw7KGBBKwr6b8OxxGL1CBJrMrsmkZK7sGEpRV1nfVRRQxPvM-a01pYvx179CT3x8duQn6Zad58ED_all-Eouxkyl79pmskWDApBRHxoL8EAOMD6_SP6308XGJsutggwiee4SXqd7Cs8afSmfX7mhvsNoFw621MxwuMdCu2icG_be1IXN6vczKgsZ5172_TsdHQJa4znosAj1teZ9BKH_oalxryU_WAOCJeBkFLbOF1WsvF4P9ujlWUCIs4xE1qIXQ5-hW0gm4cQ2qSZj8Meom8m80EHnI9mb0VT0W8yxfUySaMm5LcTCmIgzQzcUD3tC5tOJpisL_RWauLsStmY1hF6Paoq0ReNLXr0rvCLCEyl3umi6KhtgFY1AcY4TAm_NSrNNYgjUYBzzUDL7LRRe0jSN0pMFabuZtRboELCzxz1gS4WER0ljGXo6850lJGiA31yvCiUgT-85ZhC0BykmyNP2tgEdmTSYAiAZplHMl0OmfwAJF8FKA9tFPHW5jSeIYCar4ueBT7-yj-N6zXh2k_hivlde6e1SJSLj22AasURde9X_FXEUxQlr_hZyfqZrCTtRMU1vLtkBNObeguTDgwYFoAR2OrLLuUN-1nr4FpwUB7TJt686BXGY5WIdXmKwjpK7xr3YlLpc6LV-kOS4BdQ3tty6HEVPPVVYikrO17n5NHl5Kmk0W-pKjZzVpqV9d6WbBVIbhR9hOd10O_AWGcBSyu28QOxjboikHHL78rAPR9bNlq_RG1Ox2FvniUo4KncItCbBbk4JsL7ipDuR4XM9eg5zAoVFRvbuB2c1RgfKKRP4ghOWRsYOdKCjMWVp_z0KqvGv86vCQnpfPJu3_9Gx8CrMRTSlanbxZCs3AvPyEfqZmV2uawxZ2zDGkofRh_1GkcQWworuEXKJZMatS5BdXH1iEL8F-yp5sfFFF3rbWq98XadtCqtDgwW64j7MyYZ8Dtb-d46k9RtEkw7n_4FtK27h6ty2dbzusWG6FFnGrcmcg4lykeNB3r7tP8zapvh2S4jfOZTXdRoYYWUKwBjBYl8wNV3HE7YZAaCEPG29AawlQxB-ONESTWETr8CV8_n_TLQDApGQGEOl5GPqqz8SThhc4_VB-EZ8Kr4cpvzh7eF7iYzxGJzQRzLY_G1_5e0iTK0zl4SbkPVzNTz1gWQdmb5NH8DEAGnzXVfd7hzC5WuhzxjmcETkzIgFsHh3HYxxmHJIkDDMYBeVOZU3vQ3Axvn7qi-vTiZ-uGCfCLneTFRT9cMtneFXQMQX-H8cE0bKk_1K65jCgomZyzD1soBzehvv6cn_XTUPu48hrLmorfpFbOvelrFEgGa2Ai-qVreLgeqDySapMQMDoF1eDLTlqsB-2kkvo8PAcZRxJpNVV1MF07iJUcWYE0Ur-In04banjDbPf6wXLa8HsMvjHCuxPmIbg7u4LiiYkV7h4z-4DELD_GBYBPFxw_6qfGBnclMZPFIcTMdfN_o8WOa-_LJ_SLymoE_D_1ANivzHmgDdt1quwcth3quTFSW_p_bk8P3Yp6EfIqPCJz_OT9qgPfLXQjrbNhbM0lGZM00n1XyM20_-PB5ti8lBc3orXCZSgbfKfRtn2c-978rHQm2ZfNPYKGwjyLuqMCMaB5TpidMb2sJHrLaK3z2DZ_xu4o7kOctIEp8tTyF0Mb_pW6KuCfqwNH-TE8lwPfVQi3DujHSF_h91jHaUkWqNqPTS35UTDXWcnrHnlcginq41RwFkKVt9NcjtKDGFtsdLrwAAU4uFVzeRx3SH9JB15ZgYemVm62XdLJcV4vRu6_8XebrZPr70-zDDYxc7mny4cS4DWItmfYXhl3xDEYX_cEt4JDoYWFydLABGXNBuWJNcDsXEXbJFPHHzmQpFQBEWVBwUBdQSP6_uyHxDconQs0PNVqQb8qRIkgc0OXhiSWKlSoBmhvmr94mnbS-uA_QpKY-IH0KPE5PtJlbt4OCjNRa5KaJLiaUuMK7zlbWClOOeX8lMS36ukLVo6X1Nc3KXGw6D8kWPb7rHYMyJalZ_etP16HvAjCeuDWaQVwYVAFbonXDrCLV2I8qJ5A3e87tN7eRO3vPWsn2Pezn2hew_6GrVDwNpHe703AvbQTr7i5PWFdrz7Gr8nQLT8dIPS3raILZotQRNlF0kdOK1mDv5qB-4QRSSXF-UhwwfXa-KnZiUbwVW3Bng9WJUTao5gyUIdlcMEi7ukncbXG4Sq7KZkbU38NS2wYvHrbjem3wT_xra91P37rGPFrEx9ior-ahEEPsxpGOh0uh0jGjHv-lxZ_9EvTqWhOJ3EAuSt-xXApqpO5Cg635gQe7WAqILSRX5fih1PVXGqE1FvrWeGoYpBee9iAr1tdEcyHZ1FPmUYicu6JkskjtlHxbTYgWo6zUI9lohF6R3kxEeEyNBDDcZz6GZAfQbvLVahH3vNuQBVx5vL5ExmiVllpUbbDwRaWa1u3l7SSNqnqnQ4jRGEQ9TIpsmPO7SZj0U2xf-yGdhDNh7m3xXk6bmWv90xu8YILvNSjq5DUJDxf1cwUpDEgGjom0EB-FPzMz06FXg7kGNET_OpDdws5MuX3cKsa0zrWue-5XIE1SV-lPKbQCEC-GcvIBGqEea-gw6KV1Eej5bgmZ1w1vcKU9Dt0PwcK4__CNT7ercu8xpRTXLYlssz3qZSp4b8l07rqmOTDyMnNI-Kd1-e7W7K8dw94MxZj0CaEDVD1x7C0jtZS_vTG81F6nuTdn64SoS1sLi2b_wGGCr69uD4w9ZFo48kWYCVZvHJmI4vbPUMHQCyDktOuutN7DdrrpHYOTTcJbg_M0wTLZNcaWpZg6jV2Q3cCeZKFJPdYSUxqU9AUIbwS6XM2-sdSFJb1zy8WNgVl-s5fejJdZhR_kBKY-unjcFVKhr3S_NLnKncB6RNNJDf7vXCN3QEwPG-a5AaJ1OobQqWvMJyzyvPronLx0-bcZR16-guUV1ffO3t0XU222yavsRJFds5_6JgsGqQ1VGbQvjKLuYoalVXcURMEFp6z6i1G-gTMr2UwylNolKjzs__1u-GORYlbIKn_JEHvlNBcwECo-rbFt5eOMGidBnOiSHEbS440j-QwcAMhi4012vLJqptULFbErfS996MPw9RfPhTfn7rB40oVqyG9cFDLYTBqiCTmSrKrkvdwObxmrHX6gt1PSMvGxPhyEkCYI8HQ_W5QGi8IBBIpAGkCUlYHgf8MJt_YwLCFpukKTWWREqaLxKEqm-HdRJ_n_C21AcnMH3EYAWAB&bundleId=

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1

Request Chain 159

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtvPMUz3mWLpG-fdJL3AgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnn_Y7L1w0B6RnBtSdxx7A&google_cver=1

Request Chain 161

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D

Request Chain 171

https://um.simpli.fi/gp_match?google_gid=CAESEGQnzufiWGpG-xk0aeVbvLc&google_cver=1&google_push=AXcoOmQi09IpUxZ3rreeEfCJnNuk0bDfuoBS4IkP1WBrYpXXKeSCsaUOybel5JG9AQXocl0zRzdgWo_rE0VST8TkzaAy1nXD0Xg1N04 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQi09IpUxZ3rreeEfCJnNuk0bDfuoBS4IkP1WBrYpXXKeSCsaUOybel5JG9AQXocl0zRzdgWo_rE0VST8TkzaAy1nXD0Xg1N04

Request Chain 173

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPqxxXAoS2ybi1zHYqPpzBU&google_cver=1&google_push=AXcoOmSeRm8A0xFcnBrS3M8lLtZuxhXNoJLNeMuifX5cJnt5FpTyOOnaB675tB__F_PdinB60S5aA0h-N44mnB7C2-jpleCQddf6vtU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSeRm8A0xFcnBrS3M8lLtZuxhXNoJLNeMuifX5cJnt5FpTyOOnaB675tB__F_PdinB60S5aA0h-N44mnB7C2-jpleCQddf6vtU&google_hm=saHl9fqpTCWDXe9S74ffroY

Request Chain 174

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJtsGUdEZvOfn76inDfkz6w&google_cver=1&google_push=AXcoOmQ-2oTSLR-zEWrF892kR_DuDri7FnD2_wFUNjqf5OFBERXEIGW_VwAGVQ0ydH50f7VRV-9EO-jI_9PhKLudwj288CXgnHuQ8F0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmQ-2oTSLR-zEWrF892kR_DuDri7FnD2_wFUNjqf5OFBERXEIGW_VwAGVQ0ydH50f7VRV-9EO-jI_9PhKLudwj288CXgnHuQ8F0

Request Chain 181

https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWebmdf9tiOkZaKFF5CpeasCDKcNtQNt60fjHNvOWZ0AiQw0Wu_xjyyTKz75Kb--oJnSZ1jdGZCZvH6sJRZtBaK9e6yk9Gnzt9LZQS-RYAoCZ_4KwNpNbRZfZHZZr0oNA6BvNzeAzQbNcBJnebCD04XJt9DCMWDqwZu7146cyRgdDiC3Q72ZcGrMDJu1IJg7H_0T59L1izSPQ89o1BeaTnid_7mjkEryu9476nbBpJBcEIkeGKxt9Recd2ptNZdchvle8_lnBkFjHzCQd3uvSuecaxLHgRkLpgBAYH9hZRpComhrBEvzq2V1Yv9bc0dXtaCnk932kLxR6FEJd3hbW1A8MQwez1ddKdZcGN2P03aMQY9vtz-TIwjWuyHzHoZu36TvtRRyskOgBUPfMTRkWiMVN8kFt_ZPKUO6atN8zokoJtZ6yFbWUfTKkpSMXAn9AbXJ1Z9Ge13XwCYmDVkWGZjK3mqlvsLMfq_y5Gof74BjCqGdWqdvm4dcUD6iCeICp8ieX1kYp0vLv9rPvmO4vFgYhUYwwXXsipgtNOga7XBMX-_QrrrqHfPN2ihBLg--x64qRm999dfZdGQO6ICB0fGOeNELZia4LbB-gmC_mAPuPBC0blzJL2WPGBD8ye2VVM1YHfA3m-oWM083gMWm5HxhV4qMWZzB5_Qydhp9mhm6IBOaidwNOluv7r9-qb2-KOW5nUfZ75aHjqgPrGex-5x4O3pub8AaTJnI_LPMp1NCwgLnJo0nZhur2dvpIYcJqUqAGlbf__HqbmHoZmlWlP9s0qvrEXP53dFX9gFsGpm0T_WrYaVfdlfrHGHtupRIZP5f-0odmP_iCd13xOdIpehT5CXK-tg9SogPc3gChiRXbm-H8jV1fknVG1MPAPELQDJ13fmxe_Npqv3fXNbeUHY7JFC1KGHaEitCMPriBohe5YjoMiINpnOqVsTRbd9wIa8HoxEuTcLw26Kb7g9aozuDfkfvNNf7wG64JWcyWS6TiEMWyDkZTvxx9tj03f6L75jmDBcyVhbUUBKKbIowcfu0YvhyApmzhXmbZL2rdn96QfYN_Fmsg4lbHrr4Rxawu00uajElUROOtvMu5bte85wEdQcmSRF7wzaoXK2-s3Oe6CYROMc9zYUwTa5XgLADmAfvBL62PWWAvGifEdNYWjwm4jMeDNfvWSSQ_rjjNaZk37dDy_Qagw4KQE0i8LXp4oP-UROTo2OpcvJzJH23hIhMR7Ir5I8kCiK4abSCfO0YF5d6uPGnmC--7vYGTUEDz7ULPVzge2EsIfjGg636QIqE5CogsT8-g2_jbzn6h3dMWzjo2yIQnV_mPQGKwGsh1oDWAy-8ySbP30oaTyezdkuKJlawblzSCLCpUYmMGhjibz6sWwLDYWyKWAv8c3AQB12K5ore-B5C8qK7uy-k5J9WW19A947U9n3jNC3jpE3AsiGHBThUGgY68boU71n6jcQ5dfPnCnSRx6wlbW2Ch91WQBUSUvaOxJyAJoLzwrinmkjEKWMFrJL2KUaNwTb_OX8SC0vK9Y5DwYVFXnxn01XBTu9-ba6eYfD37xniEiFgVcEsGGvBo_-r0SAoVrxQ162JpRTFROVIFelWA61ihnhICbsHcktlx_mLfb_O5lnmjCDyYgI1MrBMJf_c82SO2V85_Y491w9msNw7Alof4kr_lxLeXvTt8ZoWFfdsY5z70ZW2_t9hFKKMrAcH-gYZggDHQiHPJyl6WVYJQiqc8bo-RTqqek3G6mKuZw2XFC7B9b7lE-2ZDbso9f5UcBmiPmUJkZpRdKVCwJzDjy0OZ4Tfm5ab7c8_P7N27kALbhL4QiQpaCJxnscBUMfbSiiC-C9VDRchyUidpphFZDX6L-jJscZGmgb52cYcz04dFyw4BLsNkT9bxj70jH2ZLeE7XdfYN49GeYPkuYZ6IYvTZX2JPL8FTrG4WteXXNJzSd3t44jot3F6FK_amZ8QRNgXeuEyyHwrGKaG4nA2x5Y4QdCOYjtAQ9qmsFNAAkgCMxo-2j1WDeQqfDeQzmKdjiRsf6PR2u1b2PrDcJOLLk-PfiE9vyP7We59RHKDGgiNlheuFbyUUSowV-JS48cisMoh8w_dIKjesNjfYjhTw_Ew-QpnJkPgiKBgziSywGSmI08AjChT4F002L2ShKmnCSWySZwAq4dwbr1P6qlCYsgDZ0mlXGuvpzc5Wuwm7BBpsYlicbWro8S2AWvquMURrmckgyzv5G2O0nddfQ4KXjPSWT49kwgK5HDkVnpANRfESfjeFibS-rp0PA3A5tXWD8a9m3S5AliGoW3leGD1Oo4kNAfv5FacAwVgogczdRdsAybupx6SLTBCYQ9rK1KUmxfg8Af8KHFDrgxYzBXiKK0pyj0VtPekKb5ZJ0jMHVLBO-gfnAydNqgygz9GtLlyioCnucgIHHQDi2mZXXrTeOAWPye3BJaTV8dyGUgttwY3U_mYkvqlFY4h5h3pU9hSHBxrEVIlUB4OGDPVcFWb5YMuw8Yg22Y-f3npH-tb0eHUO2gYi9vprB9laxNvYMBEYmrkPQzjLUN0nU5Enve3Rgrla-TT357djR2n2XwYP4YPRaVOL1TeiY5Zv5rB2Jl6dIFJsOottetRB6m8oy6tOf0r0dz_GKZYhtNteZbdDipxpp6Vap6E7fB7iQtKRQ2WOSd_9-qPeY4K9_Ypn-NCPpO_mP6P6no-SG3nffmh2uJHphV7AKuXbniP1zrNFYpyeG5vx8JyoZ3Ioxn-y2kCwkFBdaPWEWMvR5Wx5zVqZgadz6Sys_LcFIOrcTuZXIxvjDGU1fSLy6GbzlEFn0COzWzFPZG8JEi82ip28kQulSu90_LGY3-Q3jk-dNy872SHepUATZqfBWaxU1lFAxbQ0PQw1B3DlHyE3yZUMr_aU48Y8-vWsE9HkvjBm354i149cNdMmDG7Wb-nHZTsd3uU_Lw3zPx-vOnf0g1j5Y8Il6VJPW1rrKUB0EA1g_gUAo5FdnZ8sP6Fusdd6pl-f0iMmMzRPdkHAh0VELty9qtIruJ7qCacRvhnFmIDMRohgel2Pgt765GN19VkbG3uQzbBcnMF-deyBx33zyBmFVXr5Yvyxnh2-XJfVi1YIpKSJ-frI9wxRM8mqcpfcCX2pva8yV6hnJOdOuQiDwBAJ70cM699ttAKyb7SW75misEN7rWGW43AFgLilPwPrG3NORHIJxbAYD6o21Q1JFm3lMDsVeFjSwJ1KmPTO_f6djnWwFm5Adg42RYPnMsjMxwC6czJ0eVnRtknjBBFoX4nRfU6D3BfJhaIQoH4fAhBsheLzT1rNhvNgQU7PuHqIHcvV3BiWTJ5GbpUPnAFoKMnwV1LpSSbdap_7s290B8BWmS5-RAxAd0Fzn8FnYi7YErv7uTwR3BhBPdstCu3a2u91yJOwAohWdLdD48lanJm6yzXp0USCWjDkJE9EvRtIlt5DKgT81uA-NNmj79Eq6X9yzg5wWa-cts6IpzDPYRHNpSh6SF6VaF4K_3SvKeFw0VWbbmKICMpmkYK8W5klQpqzkZJrYRaTs2DPHf5ikz_4MLjfkNDqidPZl0iJzPGrGBNbvJ-osj2MeIpV8bYcvJk80EWbIwd_5oFhR-RZvXTFHKrh8vPs0XMZ8W7irIcnlM5s0Oey6e2K_Y8GzLOdom51DFWC2f2MwfaGd44t4Rdw3qPuw89Y5k4WRQyb9egP3OP54v6LFpQHrhsbjNY0zf6l1FDgMCxkNPAiusoAZRu7iCmHmyFxzhbbuh9_9ffHeqMiLJ-LCjRD7Ck0DTReI4cqNx9EwSlrBUDt_W6LGIAenOGUfbZHAZV-k4n-Bc9vDqbo-0RgxRgGO5c_LlM1SU1ubylnE-W7hKv6UNSNNqQcir6eb9oGAm2O0qOrZ2OtNXmLceETPYQu_v6lgl8mYLcqlvnFZB9i2GiNfTZsaNFxdAkJWKYf6KEAe5fUufVzvlHgGKPljHdbRxY3iORPi1d_qqU79I8soaIo0H7gtFLwaLwgEEikAaQJSVoKshJk2LKxn5E_aR-YxKzWodMA6h3opo8EvgL008mQsItKGUhgBYAE&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=20163094551&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jhuH0CmQL9KleePtliPKfu&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1447540957213601%26output%3Dhtml%26h%3D600%26slotname%3D6019623105%26adk%3D760889125%26adf%3D1610234907%26pi%3Dt.ma~as.6019623105%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1692095258%26rafmt%3D12%26format%3D300x600%26url%3Dhttps%253A%252F%252Fwww.oferlo.com.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rh%3D600%26rw%3D300%26sfro%3D1%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1692102458275%26bpp%3D5%26bdt%3D241%26idt%3D188%26shv%3Dr20230810%26mjsv%3Dm202308090102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C170x600%26nras%3D1%26correlator%3D2708358061136%26frm%3D20%26pv%3D1%26ga_vid%3D902450206.1692102458%26ga_sid%3D1692102458%26ga_hid%3D1258383018%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1245%26ady%3D167%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077018%252C44799955%26oid%3D2%26pvsid%3D4424351942008326%26tmod%3D559232684%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3D3qsNKXFoI9%26p%3Dhttps%253A%2F%2Fwww.oferlo.com.ua%26dtd%3D190&adsafe_type=d&adsafe_jsinfo=,id:59bcb299-4085-45e9-4446-66d74fe7eb85,c:lmK7CU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f9f8cb9c9-rjb47,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tN0lu5m+11%7C12%7C1311%7C13121%7C1313%7C1314%7C1315%7C14*.1135760-65089096%7C141%7C1511%7C1512%7C1513,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:20a4dea2-3b67-11ee-9697-aefa40799979,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWebmdf9tiOkZaKFF5CpeasCDKcNtQNt60fjHNvOWZ0AiQw0Wu_xjyyTKz75Kb--oJnSZ1jdGZCZvH6sJRZtBaK9e6yk9Gnzt9LZQS-RYAoCZ_4KwNpNbRZfZHZZr0oNA6BvNzeAzQbNcBJnebCD04XJt9DCMWDqwZu7146cyRgdDiC3Q72ZcGrMDJu1IJg7H_0T59L1izSPQ89o1BeaTnid_7mjkEryu9476nbBpJBcEIkeGKxt9Recd2ptNZdchvle8_lnBkFjHzCQd3uvSuecaxLHgRkLpgBAYH9hZRpComhrBEvzq2V1Yv9bc0dXtaCnk932kLxR6FEJd3hbW1A8MQwez1ddKdZcGN2P03aMQY9vtz-TIwjWuyHzHoZu36TvtRRyskOgBUPfMTRkWiMVN8kFt_ZPKUO6atN8zokoJtZ6yFbWUfTKkpSMXAn9AbXJ1Z9Ge13XwCYmDVkWGZjK3mqlvsLMfq_y5Gof74BjCqGdWqdvm4dcUD6iCeICp8ieX1kYp0vLv9rPvmO4vFgYhUYwwXXsipgtNOga7XBMX-_QrrrqHfPN2ihBLg--x64qRm999dfZdGQO6ICB0fGOeNELZia4LbB-gmC_mAPuPBC0blzJL2WPGBD8ye2VVM1YHfA3m-oWM083gMWm5HxhV4qMWZzB5_Qydhp9mhm6IBOaidwNOluv7r9-qb2-KOW5nUfZ75aHjqgPrGex-5x4O3pub8AaTJnI_LPMp1NCwgLnJo0nZhur2dvpIYcJqUqAGlbf__HqbmHoZmlWlP9s0qvrEXP53dFX9gFsGpm0T_WrYaVfdlfrHGHtupRIZP5f-0odmP_iCd13xOdIpehT5CXK-tg9SogPc3gChiRXbm-H8jV1fknVG1MPAPELQDJ13fmxe_Npqv3fXNbeUHY7JFC1KGHaEitCMPriBohe5YjoMiINpnOqVsTRbd9wIa8HoxEuTcLw26Kb7g9aozuDfkfvNNf7wG64JWcyWS6TiEMWyDkZTvxx9tj03f6L75jmDBcyVhbUUBKKbIowcfu0YvhyApmzhXmbZL2rdn96QfYN_Fmsg4lbHrr4Rxawu00uajElUROOtvMu5bte85wEdQcmSRF7wzaoXK2-s3Oe6CYROMc9zYUwTa5XgLADmAfvBL62PWWAvGifEdNYWjwm4jMeDNfvWSSQ_rjjNaZk37dDy_Qagw4KQE0i8LXp4oP-UROTo2OpcvJzJH23hIhMR7Ir5I8kCiK4abSCfO0YF5d6uPGnmC--7vYGTUEDz7ULPVzge2EsIfjGg636QIqE5CogsT8-g2_jbzn6h3dMWzjo2yIQnV_mPQGKwGsh1oDWAy-8ySbP30oaTyezdkuKJlawblzSCLCpUYmMGhjibz6sWwLDYWyKWAv8c3AQB12K5ore-B5C8qK7uy-k5J9WW19A947U9n3jNC3jpE3AsiGHBThUGgY68boU71n6jcQ5dfPnCnSRx6wlbW2Ch91WQBUSUvaOxJyAJoLzwrinmkjEKWMFrJL2KUaNwTb_OX8SC0vK9Y5DwYVFXnxn01XBTu9-ba6eYfD37xniEiFgVcEsGGvBo_-r0SAoVrxQ162JpRTFROVIFelWA61ihnhICbsHcktlx_mLfb_O5lnmjCDyYgI1MrBMJf_c82SO2V85_Y491w9msNw7Alof4kr_lxLeXvTt8ZoWFfdsY5z70ZW2_t9hFKKMrAcH-gYZggDHQiHPJyl6WVYJQiqc8bo-RTqqek3G6mKuZw2XFC7B9b7lE-2ZDbso9f5UcBmiPmUJkZpRdKVCwJzDjy0OZ4Tfm5ab7c8_P7N27kALbhL4QiQpaCJxnscBUMfbSiiC-C9VDRchyUidpphFZDX6L-jJscZGmgb52cYcz04dFyw4BLsNkT9bxj70jH2ZLeE7XdfYN49GeYPkuYZ6IYvTZX2JPL8FTrG4WteXXNJzSd3t44jot3F6FK_amZ8QRNgXeuEyyHwrGKaG4nA2x5Y4QdCOYjtAQ9qmsFNAAkgCMxo-2j1WDeQqfDeQzmKdjiRsf6PR2u1b2PrDcJOLLk-PfiE9vyP7We59RHKDGgiNlheuFbyUUSowV-JS48cisMoh8w_dIKjesNjfYjhTw_Ew-QpnJkPgiKBgziSywGSmI08AjChT4F002L2ShKmnCSWySZwAq4dwbr1P6qlCYsgDZ0mlXGuvpzc5Wuwm7BBpsYlicbWro8S2AWvquMURrmckgyzv5G2O0nddfQ4KXjPSWT49kwgK5HDkVnpANRfESfjeFibS-rp0PA3A5tXWD8a9m3S5AliGoW3leGD1Oo4kNAfv5FacAwVgogczdRdsAybupx6SLTBCYQ9rK1KUmxfg8Af8KHFDrgxYzBXiKK0pyj0VtPekKb5ZJ0jMHVLBO-gfnAydNqgygz9GtLlyioCnucgIHHQDi2mZXXrTeOAWPye3BJaTV8dyGUgttwY3U_mYkvqlFY4h5h3pU9hSHBxrEVIlUB4OGDPVcFWb5YMuw8Yg22Y-f3npH-tb0eHUO2gYi9vprB9laxNvYMBEYmrkPQzjLUN0nU5Enve3Rgrla-TT357djR2n2XwYP4YPRaVOL1TeiY5Zv5rB2Jl6dIFJsOottetRB6m8oy6tOf0r0dz_GKZYhtNteZbdDipxpp6Vap6E7fB7iQtKRQ2WOSd_9-qPeY4K9_Ypn-NCPpO_mP6P6no-SG3nffmh2uJHphV7AKuXbniP1zrNFYpyeG5vx8JyoZ3Ioxn-y2kCwkFBdaPWEWMvR5Wx5zVqZgadz6Sys_LcFIOrcTuZXIxvjDGU1fSLy6GbzlEFn0COzWzFPZG8JEi82ip28kQulSu90_LGY3-Q3jk-dNy872SHepUATZqfBWaxU1lFAxbQ0PQw1B3DlHyE3yZUMr_aU48Y8-vWsE9HkvjBm354i149cNdMmDG7Wb-nHZTsd3uU_Lw3zPx-vOnf0g1j5Y8Il6VJPW1rrKUB0EA1g_gUAo5FdnZ8sP6Fusdd6pl-f0iMmMzRPdkHAh0VELty9qtIruJ7qCacRvhnFmIDMRohgel2Pgt765GN19VkbG3uQzbBcnMF-deyBx33zyBmFVXr5Yvyxnh2-XJfVi1YIpKSJ-frI9wxRM8mqcpfcCX2pva8yV6hnJOdOuQiDwBAJ70cM699ttAKyb7SW75misEN7rWGW43AFgLilPwPrG3NORHIJxbAYD6o21Q1JFm3lMDsVeFjSwJ1KmPTO_f6djnWwFm5Adg42RYPnMsjMxwC6czJ0eVnRtknjBBFoX4nRfU6D3BfJhaIQoH4fAhBsheLzT1rNhvNgQU7PuHqIHcvV3BiWTJ5GbpUPnAFoKMnwV1LpSSbdap_7s290B8BWmS5-RAxAd0Fzn8FnYi7YErv7uTwR3BhBPdstCu3a2u91yJOwAohWdLdD48lanJm6yzXp0USCWjDkJE9EvRtIlt5DKgT81uA-NNmj79Eq6X9yzg5wWa-cts6IpzDPYRHNpSh6SF6VaF4K_3SvKeFw0VWbbmKICMpmkYK8W5klQpqzkZJrYRaTs2DPHf5ikz_4MLjfkNDqidPZl0iJzPGrGBNbvJ-osj2MeIpV8bYcvJk80EWbIwd_5oFhR-RZvXTFHKrh8vPs0XMZ8W7irIcnlM5s0Oey6e2K_Y8GzLOdom51DFWC2f2MwfaGd44t4Rdw3qPuw89Y5k4WRQyb9egP3OP54v6LFpQHrhsbjNY0zf6l1FDgMCxkNPAiusoAZRu7iCmHmyFxzhbbuh9_9ffHeqMiLJ-LCjRD7Ck0DTReI4cqNx9EwSlrBUDt_W6LGIAenOGUfbZHAZV-k4n-Bc9vDqbo-0RgxRgGO5c_LlM1SU1ubylnE-W7hKv6UNSNNqQcir6eb9oGAm2O0qOrZ2OtNXmLceETPYQu_v6lgl8mYLcqlvnFZB9i2GiNfTZsaNFxdAkJWKYf6KEAe5fUufVzvlHgGKPljHdbRxY3iORPi1d_qqU79I8soaIo0H7gtFLwaLwgEEikAaQJSVoKshJk2LKxn5E_aR-YxKzWodMA6h3opo8EvgL008mQsItKGUhgBYAE

Request Chain 202

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGwLvJc18hJBDCP_ijCYLxE&google_cver=1&google_push=AXcoOmQY9AbCbaudP480ZSf461PBNijAkPqDe5t98RrJeAx5hiUrS3g3aJ_lfFGz1kjvTfCLjbSMiapssXDvikuv7DVR0gQjSrP0ZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQY9AbCbaudP480ZSf461PBNijAkPqDe5t98RrJeAx5hiUrS3g3aJ_lfFGz1kjvTfCLjbSMiapssXDvikuv7DVR0gQjSrP0ZA

Request Chain 203

https://um.simpli.fi/gp_match?google_gid=CAESEHaMb1IhrNpQwlmm7CALqZY&google_cver=1&google_push=AXcoOmQZdqWwRGf3tjl5QRCxfK4voTAT7aVptHY34FbdPyPQGrJyEKcBrPirL1OD78pk_4XurBa-xAy9dQveHx2ZDFnn2NwvPbAnkQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQZdqWwRGf3tjl5QRCxfK4voTAT7aVptHY34FbdPyPQGrJyEKcBrPirL1OD78pk_4XurBa-xAy9dQveHx2ZDFnn2NwvPbAnkQ

Request Chain 206

https://d5p.de17a.com/cookies/google?google_gid=CAESED9IEIH_iO47iufNjuElpUs&google_cver=1&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMywkFK1Z HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED9IEIH_iO47iufNjuElpUs&google_cver=1&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMywkFK1Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMywkFK1Z

Request Chain 207

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPrmKb0dEhxe54Toq0WBHEQ&google_cver=1&google_push=AXcoOmRYpRGSQ2TGbkcXQzn5cXV7wHCBbr7grVsrVQ6iXcL6u31ayr55K_uIlGNXJHbiwrYqrEZiXv2tHty6Z6XoRzmqgTxp_NpKoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmRYpRGSQ2TGbkcXQzn5cXV7wHCBbr7grVsrVQ6iXcL6u31ayr55K_uIlGNXJHbiwrYqrEZiXv2tHty6Z6XoRzmqgTxp_NpKoA

Request Chain 208

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHCYOymS78goBZqKzKNmwWg&google_cver=1&google_push=AXcoOmRK1buCl63h6jYaNETyA9jpsewlYtc0gwNKHkxqRLsCEJLBLI0ckE5GmHGBvT2UepzYdvBp97h9mgaqy5Kttqk2AhxTN_8jSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRK1buCl63h6jYaNETyA9jpsewlYtc0gwNKHkxqRLsCEJLBLI0ckE5GmHGBvT2UepzYdvBp97h9mgaqy5Kttqk2AhxTN_8jSg

226 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.oferlo.com.ua/ 135 KB
37 KB 209ms
33ms Document
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

49a395faadca0e06c33cd7508a6cdcd669ffd64f24577bcdcaea5ec12ebd8bd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 12:27:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-date: Tue, 15 Aug 2023 12:10:46 GMT
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
x-upstream-backend: letakomat-ams-w004
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 112ms
90ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0541ab3f6240323ff5afe4397abf79e45e0736217169388524d92814ff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50991
x-xss-protection: 0
server: cafe
etag: 2346053443072080535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:38 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 193 KB
76 KB 191ms
169ms Script
application/javascript 2a00:1450:4001:81c::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15191c2f6273d0efd9a22e8a646c3b1f77f0ea8967f14bc1a9e9a656d73bf4dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X4u7udSj8ark2Uv767UJ9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-X4u7udSj8ark2Uv767UJ9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 15 Aug 2023 12:27:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba3478c56cbd17efde25bbe365aadd60d107fb6887d496adbf590ad24b446c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 11:24:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 12:27:38 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1fb1e346384232cb17d28002913baaafc0572382bae5aec82b0dca887f16f42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 external.min.js Show response
www.oferlo.com.ua/js/joined/ 138 KB
53 KB 21ms
21ms Script
application/javascript 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 82e67d47075a648c29d0b56eaf1f7fb2ee61081b47ced898b43e53d84eb748d4

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 08:53:25 GMT
last-modified: Tue, 15 Aug 2023 07:41:22 GMT
server: nginx
expires: 31556926
etag: "64db2c22-d23e"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
content-length: 53822
x-proxy-cache: HIT

GET
H2 200 common_co.min.js Show response
www.oferlo.com.ua/js/joined/ 52 KB
19 KB 42ms
41ms Script
application/javascript 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=db99e8e489fb6f6110568f1553317af4
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 63b55e0f026ea33749f4696e188e1bdad154011702a15f0e53c8a4ed93c5f30b

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 08:53:25 GMT
last-modified: Tue, 15 Aug 2023 07:41:22 GMT
server: nginx
expires: 31556926
etag: "64db2c22-48cd"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
content-length: 18637
x-proxy-cache: HIT

GET
H2 200 homepage.min.js Show response
www.oferlo.com.ua/js/joined/ 24 KB
8 KB 42ms
42ms Script
application/javascript 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/homepage.min.js?t=5be2b18dc03c97c760d6dbe8444cf7b4
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 0903e081ad7e73ea1b95a3ed43366fafa56a0749bb0c44a28d143d6f5825cc62

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 09:04:19 GMT
last-modified: Tue, 15 Aug 2023 07:41:22 GMT
server: nginx
expires: 31556926
etag: "64db2c22-202a"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
content-length: 8234
x-proxy-cache: HIT

GET
H2 200 typeahead.bundle.min.js Show response
www.oferlo.com.ua/js/ 38 KB
13 KB 42ms
42ms Script
application/javascript 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/typeahead.bundle.min.js?t=f41bd26b4f00a211084e52374726172b
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 5b747674b51e2b796c5c3f9a256924233346caecd58c6f2361f05e78431043ec

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 08:53:25 GMT
last-modified: Tue, 15 Aug 2023 07:41:22 GMT
server: nginx
expires: 31556926
etag: "64db2c22-33ff"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
content-length: 13311
x-proxy-cache: HIT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 8 KB
8 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:05:29 GMT
x-content-type-options: nosniff
age: 228129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7860
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:05:29 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 8 KB
8 KB 32ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:38:19 GMT
x-content-type-options: nosniff
age: 305359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7972
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 23:38:19 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:37:45 GMT
x-content-type-options: nosniff
age: 319793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 19:37:45 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586d91336be9aee404ee7a879af864221def5cc345eb0556f3134d45a1166280

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 377197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 03:41:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
82 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=db99e8e489fb6f6110568f1553317af4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5214f5229f568d45755ead66df92e22ffa5160b26cd1efce1d40ccebcd5de53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83181
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Aug 2023 12:27:38 GMT

GET
H2 200 fontello.css
www.oferlo.com.ua/fonts/fontello/css/ 4 KB
2 KB 21ms
20ms Stylesheet
text/css 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 1c1e0c28137c42797a894fe2267653af646136000fc5c53cb82c0f85971a1b45

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 02:08:11 GMT
last-modified: Fri, 11 Aug 2023 07:47:10 GMT
server: nginx
expires: 31556926
etag: W/"64d5e77e-1165"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
x-proxy-cache: HIT

GET
H2 200 global.css
www.oferlo.com.ua/css/ 132 KB
28 KB 22ms
21ms Stylesheet
text/css 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/global.css?t=b4a2ae8c75d2328e0ace3a682eb23d88
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: c17a993d92a702cc2d1b12adb9ea13bba9dec731119e152f7fb43adf6193b666

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 08:53:26 GMT
last-modified: Tue, 15 Aug 2023 07:41:21 GMT
server: nginx
expires: 31556926
etag: W/"64db2c21-20e9d"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
x-proxy-cache: HIT

GET
H2 200 homepage.css
www.oferlo.com.ua/css/ 11 KB
3 KB 22ms
22ms Stylesheet
text/css 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/homepage.css?t=4d01e921c4d7e76eaf3e5d2406a68a76
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 844e1c6c5015874eb57cd55d8a515beff385a7bf6b97b6dac22f82ba5869c04f

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Mon, 14 Aug 2023 15:02:03 GMT
last-modified: Fri, 11 Aug 2023 07:47:36 GMT
server: nginx
expires: 31556926
etag: W/"64d5e798-2c9b"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
x-proxy-cache: HIT

GET
H2 200 globalDefer.css
www.oferlo.com.ua/css/ 23 KB
6 KB 23ms
22ms Stylesheet
text/css 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/globalDefer.css?t=3961e9955cf7919192786a4f27f3cfc9
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 3b396932b11505d8bc5d2eb80c99066486500a45a38cd9b17f6949b52f83a11f

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 02:08:11 GMT
last-modified: Fri, 11 Aug 2023 07:47:36 GMT
server: nginx
expires: 31556926
etag: W/"64d5e798-5a27"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
x-proxy-cache: HIT

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/32/ 724 B
1 KB 63ms
28ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/32/logo_ss.webp?2af9fee529e67810fb671b1e1eaa3fef
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:41:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2F9sGfrIcKzjzIPfJ6rWBTGkqKPs8oimdCExvcE5Kwum2J8uxf%2FnvXV5g%2FrO3EksliANfqQc%2BOodycLuFS9cWQQ5j2TWD0m410QLVms%2BCauYV7UROz7je5Z9c3gV5GoSsm%2FCA233Noz2SCR795dcxBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ecbb9083a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/35/ 706 B
1022 B 73ms
38ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/35/logo_ss.webp?2af9fee529e67810fb671b1e1eaa3fef
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dtz6uCgYl8rBGOKiqeYAjQEvbcjEpe2RuTcxp0fqlL%2BqtoEXDvxhI0MW4bFpGNpVJaUyulGvdd%2FialdUs8SLK%2F01ML1RJSxUE2Sr5AUTI46VfAHlQGzP45yIlU8OEjjtO5h8fAaYHbAdDO2Xux0WEVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ecbb9143a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/3/ 2 KB
2 KB 61ms
26ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/3/logo_ss.webp?2af9fee529e67810fb671b1e1eaa3fef
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:07:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiP8yNE8eEaz39n%2B9l8JTPTV5ZfI5nZG1%2BiMr%2FKaRsHpD62XPrg6Dn5%2FE67XGCKpVR9qgCeg%2BPUJMXf%2Bs0kJ76UNEKwuYcp57gRoBlEU9u%2Bygy28AORGIWAmcNjxMt4pEc1Ww6sKqfK92EElHQq5fK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ecbb9103a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/2/ 1 KB
1 KB 62ms
28ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/2/logo_ss.webp?2af9fee529e67810fb671b1e1eaa3fef
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:18:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLTdXZKXlLCda9U0usTiKAxRUtmt9OOD9p2%2FLLGZ4mfC%2BQhqio%2F6QgU%2BAtPh%2FfDJXmaaJwQSAhmlHEGdSMhMLlSu7NWgQwNlV5rVRa9eHsCQY47D32GoyEWl7gxTwZqDH5uMigIEW7Wp%2FFW3QVW8C44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ecbb9123a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 0_s.webp
eu.leafletscdns.com/com.ua/data/32/4963/ 5 KB
6 KB 65ms
31ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/32/4963/0_s.webp?t=1691729535
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e533075f599c626a6121a7a013266afd39a9faf4ed25dd465c2e0d2307140411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233648
alt-svc: h3=":443"; ma=86400
content-length: 5320
last-modified: Fri, 11 Aug 2023 06:49:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENz1hliPPo4dE2RQtdHBOf1i2bgukTqX9%2F%2FJk5jIqiNh6TARDeC7XNTMJQ5%2BMclgzVSCnLilZ0uXwi2lNkVc1w%2FtG3VTaNULX1SehxGv76ZsohdTCDGinKhilWVAO5z%2FxWdP8mYZY2I9o8%2F3O5M83Jc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7f716ecbb90e3a78-FRA
expires: 31556926

GET
H2 200 0_s.webp
eu.leafletscdns.com/com.ua/data/35/4961/ 15 KB
16 KB 74ms
39ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/35/4961/0_s.webp?t=1691640541
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adeda96003b7a098ac241745ff521d8588b5085c01b3929c3da4643cd072c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447664
alt-svc: h3=":443"; ma=86400
content-length: 15862
last-modified: Thu, 10 Aug 2023 06:39:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z%2FskwJ0p1wzd%2Bi7KJJcr5RX0YKUIMv0mO7QUA54svpmQQpWUG3rO%2FYh1qpnhGOP5mzVTVFA5HyV%2FaRA%2BDDj8KrmJHqEZSERPQm%2BdoazQ%2Bj0VlhJtS%2FGp0vvMKWMVUHd06eq0QhUdpoya0JYQgZ8zas%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7f716ecbb90b3a78-FRA
expires: 31556926

GET
H2 200 0_s.webp
eu.leafletscdns.com/com.ua/data/3/4960/ 7 KB
7 KB 15ms
15ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/3/4960/0_s.webp?t=1691640120
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c1f82e1e7419abc6ba79317dec0ac4912643637a0848acee3f3d5456d02817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 447664
alt-svc: h3=":443"; ma=86400
content-length: 6728
last-modified: Thu, 10 Aug 2023 06:31:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bz2iRm608LelIbkw5zz%2FyFwEvAy9pDJZ9Mq%2BDyHnlr0GZ8YgP1Xf90TUqrONIjkksusgpW95gggLv6H%2B4xnIw%2FO2mNZ8l2l5Ha7Yw1Bz0ryjL%2B6AmLIzeEP7pjvYSEOqGwhAui5xaI8DL6%2BE%2Bu%2BtARg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7f716ecbc93a3a78-FRA
expires: 31556926

GET
H2 200 0_s.webp
eu.leafletscdns.com/com.ua/data/2/4919/ 12 KB
13 KB 24ms
24ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/2/4919/0_s.webp?t=1691547074
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a8f7618cec38c5e74012b1f4636cbf61f19c0ba4e2d83a7921d0d09814b258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111527
alt-svc: h3=":443"; ma=86400
content-length: 12620
last-modified: Wed, 02 Aug 2023 08:35:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4Wn69JtnbtaLzJYuosHfMsbAtbilPlD9s2Rqv4T7BaK%2Bs4%2B1LZ5l64UXY9jgQB70ro64hB1p3k7MOEYQG9KzIIv8g6WKPSUiDRDKXG0UOt4NriRQwzUjw7mAFxlZcvFgPtYwLyPutZFNG658VwUSfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7f716ecbc93e3a78-FRA
expires: 31556926

GET
H2 200 Badge-Black.svg
eu.leafletscdns.com/com.ua/img/huawei-btns/uk/ 10 KB
4 KB 59ms
27ms Image
image/svg+xml 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/img/huawei-btns/uk/Badge-Black.svg
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb163f503b1617c4f2f2c2a12d008a0c486f76355d20774f62bbf7fb0e909900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Tue, 15 Aug 2023 12:27:38 GMT
x-proxy-date: Mon, 27 Mar 2023 06:26:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12203702
x-from-origin: true
x-proxy-cache-type: 5
x-proxy-date-now: Monday, 27-Mar-2023 06:26:13 GMT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 06:17:10 GMT
server: cloudflare
etag: W/"642134e6-2751"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiE1k%2FuKGbSt1a5JCaAsZ1coE5pJBvzTVuHF%2FMRXaIb8He3qpgz2onv1xjTgZr3E3ogu4p7CQwHwzGnP%2FAbNmlBvtxyOM9Sd5O6ZHe68TupNyVWxmP6bY9rUFQ%2Fb6Q3odympboqc5Z4jDpQs6ysmVDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ecbb9043a78-FRA
expires: 31556926

GET
H2 200 App_Store_Badge_en.svg
eu.leafletscdns.com/com.ua/img/apple-btns/ 11 KB
4 KB 56ms
23ms Image
image/svg+xml 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/img/apple-btns/App_Store_Badge_en.svg
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Tue, 15 Aug 2023 12:27:38 GMT
x-proxy-date: Tue, 30 May 2023 08:49:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6660286
x-from-origin: true
x-proxy-cache-type: 5
x-proxy-date-now: Tuesday, 30-May-2023 08:49:44 GMT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 May 2023 07:23:15 GMT
server: cloudflare
etag: W/"6475a463-2a34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgtSxepwOhpf8wpMGDYoTrAmv7FLIRdEozGwkAStRjGNlId0M8Ko3%2FDNdwirUTO93pzJVVkD5Uuz0C7cIC7GCf69adGG9F0kqLFJRj4Qv3fsL8HedKor%2Bu7EJhed04VFT6kC9Ezy7yV44qiDOzKjtq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ecbb9063a78-FRA
expires: 31556926

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 372 KB
126 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fd6fbc2e6c9e0e1d5246db6ea7a436657b7c597f0f1ac224c34cd7f52ab1609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128450
x-xss-protection: 0
server: cafe
etag: 16903219864274745597
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:38 GMT

GET
H2 200 fontello.woff2
www.oferlo.com.ua/fonts/fontello/font/ 9 KB
9 KB 21ms
21ms Font
application/octet-stream 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/font/fontello.woff2?51555792
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 4bdee25441d23d999ce7010694fcaf06b184e8ed8b21393af67ce1b31d96637e

Request headers

Referer: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Origin: https://www.oferlo.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Tue, 15 Aug 2023 12:27:38 GMT
x-proxy-date: Tue, 15 Aug 2023 02:06:48 GMT
expires: 31556926
last-modified: Fri, 11 Aug 2023 07:47:10 GMT
server: nginx
etag: "64d5e77e-23d8"
x-from-origin: true
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
accept-ranges: bytes
content-length: 9176
x-proxy-cache: HIT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame 695E 10 KB
5 KB 41ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 11:43:58 GMT
etag: 12368291122986407432
expires: Tue, 29 Aug 2023 11:43:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-menu-items/ 3 KB
3 KB 23ms
22ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-menu-items/

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

4a5a5e8f7967411dc8e7a25f816459da34d9aef6e1c054cff15e6729cc8b1020

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:38 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:25:29 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:38 GMT
x-upstream-backend: letakomat-ams-w008
content-length: 721
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:25:29 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2595
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 15 Aug 2023 13:44:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 58ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 15 Aug 2023 12:27:37 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1935CC8E763845CF98ABE83AECDA87DF Ref B: FRA31EDGE0710 Ref C: 2023-08-15T12:27:38Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 15 Aug 2023 12:27:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47245
x-xss-protection: 0
pragma: public
x-fb-debug: fa6L6lIL0Ali2MMGHNI3kbeBmU945ujACOwvsXIAd3QME4+ZFDE0+2KsjgILxh2KUwASkmBXmZWx5EpeiyY+gA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-366NYGWSRX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ee2c2ef05d8fb011d64bb3cc15c12d233c169152e2a72b9551fa28dc7492f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77812
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 15 Aug 2023 12:27:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 3 KB
2 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1692102458324&cv=11&fst=1692102458324&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&auid=476190913.1692102458&uamb=0&uaw=0&data=AdBlock%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52db7ac4848fd90537f38a0eb6d43484408b15458a2f7f66fc3f5dcac8441cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 35ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.oferlo.com.ua&callback=_gfp_s_&client=ca-pub-1447540957213601

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e594c59a4317bb60b4403164659dc29e2c7f789d82dcb4456ab615c823622ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1345 131 KB
36 KB 934ms
934ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1692095258&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&easppi=1&asiscm=1&aslmt=0.4&asamt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458197&bpp=8&bdt=163&idt=175&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2708358061136&frm=20&pv=2&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=199

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db8babad857e8422fdace59b6eda0ec8d57d7a3f676207e7f35d0a69c071944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36803
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:27:39 GMT
expires: Tue, 15 Aug 2023 12:27:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1258383018&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=403356534&gjid=204530627&cid=902450206.1692102458&tid=UA-24834420-46&_gid=2075383794.1692102458&_r=1&_slc=1&gtm=45He3890n81PRQV9D6&cg5=site%2Findex&cd2=0&z=518936934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478813288996064 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478813288996064?v=2.9.123&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62fc1df59ddb7dffeab9dd553eaac7e96c20d6459a1ba2269d4d0da50c201bff

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 15 Aug 2023 12:27:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89134
x-xss-protection: 0
pragma: public
x-fb-debug: tjzDWAqSnSdpU6Ma24k6f1hcDTsTwXR4NTTwO65IewiQ91sdEbMbia6NFsrzuj5f6vGmmeQ+btl8eNiR1m707g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 37ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-366NYGWSRX&gtm=45je3890&_p=1258383018&_gaz=1&cid=902450206.1692102458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692102458&sct=1&seg=0&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&dt=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&en=page_view&_fv=1&_ss=1&ep.pageGroup=site%2Findex&ep.adClickId=&ep.userLogged=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-366NYGWSRX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 49ms
17ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-366NYGWSRX&cid=902450206.1692102458&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-366NYGWSRX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
33ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-366NYGWSRX&cid=902450206.1692102458&gtm=45je3890&aip=1&z=1585862974

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE95 39 KB
14 KB 2230ms
2230ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b7d82bdee6ed8b974edac3fbfb97a8ac156936249a943c3d5def46b2b77e83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14706
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:27:40 GMT
expires: Tue, 15 Aug 2023 12:27:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 104D 35 KB
14 KB 2475ms
2475ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a144e5d2dfdf5e9adaf14f732c99ebd3735a9bc0af5c1defee29d91409710894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14041
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:27:40 GMT
expires: Tue, 15 Aug 2023 12:27:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 22ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24834420-46&cid=902450206.1692102458&jid=403356534&gjid=204530627&_gid=2075383794.1692102458&_u=YAhAAEAAAAAAACAAI~&z=2134519253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Aug 2023 12:27:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
455 B 41ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1692102458324&cv=11&fst=1692100800000&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&frm=0&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&data=AdBlock%3D0&fmt=3&is_vtc=1&random=1336888782&rmt_tld=0&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/868040956/ 42 B
455 B 22ms
22ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/868040956/?random=1692102458324&cv=11&fst=1692100800000&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&frm=0&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&data=AdBlock%3D0&fmt=3&is_vtc=1&random=1336888782&rmt_tld=1&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27016625.js Show response
bat.bing.com/p/action/ 0
117 B 28ms
28ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27016625.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 15 Aug 2023 12:27:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F5E43A9079041979B68DB4B5764C701 Ref B: FRA31EDGE0710 Ref C: 2023-08-15T12:27:38Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27016625&tm=gtm002&Ver=2&mid=1604f1a1-b730-4e95-8084-79d8ae3f0722&sid=1f1d16a03b6711eead10416a40486547&vid=1f1d40b03b6711ee88dc4ddad1bd7409&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97,%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&kw=oferlo,%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8,%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8,%20%D0%B0%D0%BA%D1%86%D1%96%D1%97,%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97,%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8&p=https%3A%2F%2Fwww.oferlo.com.ua%2F&r=&lt=337&evt=pageLoad&sv=1&rn=2934

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 12:27:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A0AAE48C22E49DEA69703A5A9733677 Ref B: FRA31EDGE0710 Ref C: 2023-08-15T12:27:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 21ms
6ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=PageView&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1692102458482&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.2.1692102458481.1547495753&it=1692102458419&coo=false&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 15 Aug 2023 12:27:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 38ms
38ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24834420-46&cid=902450206.1692102458&jid=403356534&_u=YAhAAEAAAAAAACAAI~&z=2083440157

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-24834420-46&cid=902450206.1692102458&jid=403356534&_u=YAhAAEAAAAAAACAAI~&z=2083440157

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
6ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=Microdata&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1692102458990&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO%22%2C%22meta%3Adescription%22%3A%22%D0%A2%D1%83%D1%82%20%D0%B2%D0%B8%20%D0%B7%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%82%D0%B5%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%81%D1%83%D1%87%D0%B0%D1%81%D0%BD%D0%B8%D1%85%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D1%96%D0%B2%20%D0%B4%D0%BE%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D0%BF%D0%BE%D1%81%D0%BB%D1%83%D0%B3.%20Oferlo%20%D0%BD%D0%B0%D0%B4%D0%B0%D1%94%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D0%90%D1%88%D0%B0%D0%BD%2C%20Billa%20%D1%82%D0%B0%20%D0%B1%D0%B0%D0%B3%D0%B0%D1%82%D0%BE%20%D1%96%D0%BD%D1%88%D0%B8%D1%85%20%3E%3E%22%2C%22meta%3Akeywords%22%3A%22oferlo%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%2C%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%2C%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.oferlo.com.ua%2Fimg%2Fmaskot%2Fmaskot-main-happy.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.123&r=stable&ec=1&o=30&fbp=fb.2.1692102458481.1547495753&it=1692102458419&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 15 Aug 2023 12:27:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 154 KB
52 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b43b56cc5a7a6bf4dac0d0b047f8b76b30e9497f4422ba88cc6b81a6d065d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53700
x-xss-protection: 0
server: cafe
etag: 5297788102417405594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:39 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame 7557 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:16:12 GMT
etag: 12368291122986407432
expires: Tue, 29 Aug 2023 08:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7557 4 KB
767 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 12:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 11:07:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 12:27:39 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 7557 15 KB
7 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 14691725014340836395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 7557 20 KB
8 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 944C 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 944C 8 KB
750 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 12:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 11:15:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 12:27:39 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 944C 15 KB
3 KB 28ms
6ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:22:05 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 944C 368 KB
128 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 18:22:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 944C 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 944C 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRL7h2616DIMB2AUpb0rZSaL6BF8e6Pf4Ud1FCeMX7J2D6Dw4ZbR79qaEUzZ7_H7J_CP8CBR9TlhvB-DG1IBW1wXIjN0A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 944C 0
54 B 744ms
259ms Ping
image/gif 2800:3f0:4004:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llca45wd&c=8500324391241&slotId=4250162195620.5&qqid=CJTX1-_U3oADFTrHKAUdazoALA&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 944C 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CmihJOm_bZJTSHLqOo9kP6_SA4AKTudyAcoy_ycWEEcSEhZ4LEAEg7PioI2CV-vCBjAegAd78oIMDyAEFqQJXFaUXL1WyPqgDAcgDmwSqBPkBT9DFF3bJaUcAWD68q38i5rL7if2QOoLCwk80LPYd2KBJcVdr_mHuHshbaICvFxz9iGHCv4AR9jNC66rczk3VXbRamrfW4M35QWJgWLRcJrbG8oZJftb8v7EodvcUsNj5WLl7jUyTrxeJXSvpFj87wUFweN7_yooJFs14YzBIj8xbTOUDZpNbeSh43y6xAR-bGsX9oq9GJt7QKR_VpHWL8f-8jTMwlm-9SY91ZdIKZjvEVPAdgHQAUSPzSescpMxST3xizW_geBVANs7Dge14bC174TBRUvBzrMy-fZnOk89E5-Vfrj5yxXUT8WK18IyWWOeK7_KT5XYGwAS159i1gATgBAOQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBOWn6gU0BMA2BMNiBQF2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1692102459623&ai=CmihJOm_bZJTSHLqOo9kP6_SA4AKTudyAcoy_ycWEEcSEhZ4LEAEg7PioI2CV-vCBjAegAd78oIMDyAEFqQJXFaUXL1WyPqgDAcgDmwSqBPkBT9DFF3bJaUcAWD68q38i5rL7if2QOoLCwk80LPYd2KBJcVdr_mHuHshbaICvFxz9iGHCv4AR9jNC66rczk3VXbRamrfW4M35QWJgWLRcJrbG8oZJftb8v7EodvcUsNj5WLl7jUyTrxeJXSvpFj87wUFweN7_yooJFs14YzBIj8xbTOUDZpNbeSh43y6xAR-bGsX9oq9GJt7QKR_VpHWL8f-8jTMwlm-9SY91ZdIKZjvEVPAdgHQAUSPzSescpMxST3xizW_geBVANs7Dge14bC174TBRUvBzrMy-fZnOk89E5-Vfrj5yxXUT8WK18IyWWOeK7_KT5XYGwAS159i1gATgBAOQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBOWn6gU0BMA2BMNiBQF2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 944C 0
54 B 735ms
260ms Ping
image/gif 2800:3f0:4004:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llca45wo&c=8500324391241&slotId=4250162195620.5&qqid=CJTX1-_U3oADFTrHKAUdazoALA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.yb&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 944C 24 KB
17 KB 130ms
55ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A7I_7ZBeMK1Ll-5cVgRHh_ppES6V6RvN6Pcz73T4e3mM5A0xV-DK62UPoj9ftPSt6KRYV1o44-X7pRIxDOllhmjMkYbw&dbm_d=AKAmf-BcPRxp-Nc_vfOc-fKFotVk1vThNaNxwZSsFlb8V_tDkl3LY9pwYbL5qHZas7iEUG1MCJVwLHT2BWbY70wcChroLZLK8jXXOUM01--F4XuEpWby0qEG8XvgoRzOvvkTZqBmB42GeUPrRCim991mg6NNOgL2bhio5Wv9T84pzs-nGe-jLy51blKlAxR8r6g9xtWo2zHjuQ_fFzglGEJ_t8MOukLEADhHjE644nBWmlRR0yOaMBLc9uf3uXd_RVmg9NVbN0asERWhvAtQBxFSdfu8bBbe8TtrQk6IwynhFtBWSJ1_sbECeEVEELHhIBSgcH6QnzZpoG_ayEbjdWFrsmiQds_vaTkmxsms4Qz41Qf09VEFfSsiLHfFMYHeEKk5vbRhqa6NnzGnI8TjDwBdbnq1dvu7eTn8sOp1utYkdMmfmfOGSh-c-bRXdXkBmelCvtIDZE4tEUW47GtwaBj6VqTcEK4sp4seZiDJNPeFfusdi1o50wjMHvO7YNV6uqWbB-KOinbDdb9zRBgBqwB2FLfthGTYJoU2IUQxI8qENrUvLgpBLDkeaTbFkwR8sEzH_kdgD10gfVF_DgQdhOQIOGJ_jon0FAhCPNvoIL_HsDdGQwPugz8STTUwcziiXfQwsX6F02p7h_fW-G_-R6-AqiBNWSt8nUyL-Plle0PkrzJKsjPX-szt6QrN9Ls0L6SUoPWYXJcogYYygb8Vo-30Ji5bdURSVa8ymXHWXCl9i4KIGAr5KSyWYXAk_my1ILAnKrPe60fdPPihwWTTsdv5bHj_6ltLkPjLb0RaSxlKjAAHZsv8JlFlttSy_Y9G0eN75vBp3eVmBecW0IFW2cWBnmtuJqZQqUwYokU4b_KhbtrWcXgnU5OsSagXgegmx-7fd2hXADoJBPBEKu6WQyAPoEVT-IKi1udzvhAFKFaDmIHVym0LdKACilcqtv0vY7d8rYFgxGNcy9fRNzfP6PGajS1SHQ3moDfhByzjdN4s9I1bZIJ-mHRN7eZCOR8KiganRTOqyNm9cunqy6q_Ev7QxbtceOslX5fbsPF48Unn4LXfxweLL87H5eC6jmtr54cLIPu4CiSzQddiSKN5_hQdC8s2cpeRooJUFgJAAKlcH2f_Dq35fbr0zxFjs4kTkj2eqdaRQwJMp7DeykaDI-w4ZcPLiLkJuFA27D-liLcuSrYTYowPaslVXBF1Gi0St0mqdQBt2Mkm_GLHHNHlKeSO69wj3czNCkWP_tfOb0umTw0KjAYVfMU-vJemZmMa2O5GZz857A39sZtClZSVPVZYonJrH_m6FqIzeKe7y-WazdVEhC1wispk5yb-bgE_SeYb5gs2gan874TDrQnOis5SWb7vhUJ5ohduTWdB1YisKdanrNfx9bsZycdKWwj_oDTBd1FUD43VuCY0yw4V38NknSxJj2U8yLfd_iJBdKvmbE7BlxE5A8PSQuBQVlugol53n10cPnZGESSGsU_Wz5qHEwPiT9R3POoCajkhJQq3henej5tSeDEeeFTr1uvGfURjHfNjjDvRkcGbZEijTDUCa_idEO6fM4eYfyTwM3xu8-IppOdjrMvn_GF41R60_Nu26-D0XMT3dKIhPdTmmfCh4Z7DCC9jIrjKOIluog_XYvlN9f6BLdu7C1Cik_mYoPoj7fp1Cy6rDjU-_QP_XySqMweSQnmdEd_8RhzK9vbLhnUcpTE2cjBVrzIdGI8kPwQFt-xVQaE5HZ4_G8IVAvAjSeioTIhnfeYNvmZzbd3k4-tN2eXIJC7iVxdPuYe2CmD5Aqcd_ma0oW6wibhJm6_aBD4nD_NQMY5B_69XBNP57OF4w1I8PuP7goeMJIxeK0ZR_SC6U1LtkQMs8uRlROxKcZGI7Id3RpFOwP4SER0wun5FU601rgGZNeXEUgQy39-dIAxm9x7RYO49CnKH_8DwYnOkROEXs44BMy0hQG5NMyLVzUmAIzgNi3sMLBchSpFNA8Bu16cJpkpyQlUFvV6wriMrj6BgPEFFigzOIlIXONSHek-bTAO3Wll_fEJeDGbKjqa59GdD5s5jrkotMk9RBU7SKBr6Fh-JK0maKLJ3Exx5Ne9g1uZEuyn1JLqde3GbM6tWSu-UAB71F42s43o5GgA4z_VEaQf0aSzokN8jqGfL50fmm4hjw70EkPqZ9UB2c2eVCKS21pWLuy5UHzpVCW3aseLEwKhQ2dmgQhGBKq2gC2q__WhKaOeupj0L4vf06y7Sz5LxGVGscWNvmnJf7QT1Ber697KFmTHGbn0cY6B7KMQUZdRDmNce6hGC9bEP4MeFpAsNMQe-Qn91fLGmfikTLl4xRlA24imHPbcaXo1QLNb-N7y_yxh_OuBO0kj1lIS2ba0gLrrJ1D6jTrukrzlVEvI62iNrfpcJazJriFDW89uul_Hel5Vr0deF4TruHdr2mqtNvjLmS448A7N9oIq5l4LQg52Zk9r0_KXKeaSUgcZOfWw5SEAKBAvKhwK5hl_TMfLLH9NEnIqiTMMiLEWac9er622MzFoMWWQNVZw89uUe0FY2Vt5lUit-IvdYsJliCdwRuo1OlHWPePeKXgxSGiCqRUJTZ2HmW3NUxIIQVz1Foq6mnc9y3ENo1OfloiIFpyPdohVqOMKNBEfTD_UJqMzLW1dwj3bpQgvQYpX2tYtyJl_WGqSAxw8vToPy0jHcf6acBlnJeENZ4h8vTSnoTVEdCIU534a2pUNeOtE0DkIFFsOG6s0IjZ4OGf8ZfMDLb1fsSJgjWrfslAlpRyDnBFy2bsPrrbQzuTYGNQ3OXDI8Ly2sRR8pueanC19LccW73grGkAx7j6KVUaBXyUeAv9w3h0bz7QGanDqqrIesbyemCh7pQQDEQnCXkZupw810K0SA6UTIjT9WvTxYz0n57OwxVbjZjRYSCJhRFU8hiEcndz-NR5_s-bOPuRy2npH7IX3RXJmP46gW1SjIQvVjVDzHWwrwRSxzHFHHjhV1NgEhdHrtXAznDCq3WC5aloJoRRnxBn0GZDgAoofa08t4hukbkja39H9ikJY1cnaKSwn7mYBJd_EAHg0gK5f6aN29FgqJLHEkeIu8HjbgKbj8LwCqXqt6mQaTDYdbor56fZMYYwzs0s6eG_A6TT7jGMcxEnIrp8c4WrcnSH5c6evbu5TfdFWS2DSC_UzSH9RcQEaxDDiJaTji1iqK86QGXw5esn2uzl_I0rUWWqGlqhjsufSjD-7wOcAHhhfs614r3lafT__jwUBcfuii50QlxWEjbdqN89lQr4xf87jOSckCYQF3zko01sVOyAUKEU5XyQvrw3dKhSmH0UfSIV9T6JqZecw8gfPsxH0VDxNudKMM2SWGYAcnQ082S0lG_g9V_ZhYGXsv_ppEZoPZxtB-4fCc08RKZFTlRx6CVw4EZT4FDO_yN9R-t5zH3mhxYUI1ylcVTbLv89CB0_uo3DvcUHkaNgpMKQX3eCryBNdL5YihX4LzYcEkB4BYO9WebRrYc3_D-X17Xyk5ibJhJEssWBkYQ7FNiYJTeqi2HClU1WUKIUYEcjYejDPo1cEtjb6i_UwyEFZjHF3mJzaAGEUfs7Gz5HKMoNP_0_A7JceVu7H10WHKx69ZjlnLTmpR8m2C32LNfmN66Zz_1dYEIi06FtXcbEaMR3nkQ8CFZX5quU_rcLEPrQ&cid=CAQSKQBpAlJWAXUGSD3PgmDMG_LJm1fYiJVJxVJmJ5mekYyUFlHjLeTNHvCrGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

c8933ab6892f524be2e6d987223145632163835a9af5fd3ef250f679288afa56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16464
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2B2B 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Wed, 16 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2B2B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENzTuTmaMxw9pJ3xiSK1ZbY&google_cver=1&google_push=AXcoOmT5RnMG-ctluAf9ccWHcxd5Z6ND7FjnbhTuGuF5daStVG6bVjIFnQqxMCpf53tgFSTtIG1yYnCaw9dC4agsyXFlV276SwTsahc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY3ODI2NTI0NTg2MzU4MDE1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENzTuTmaMxw9pJ3xiSK1ZbY&google_cver=1

43 B
398 B

63ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENzTuTmaMxw9pJ3xiSK1ZbY&google_cver=1
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENzTuTmaMxw9pJ3xiSK1ZbY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2B2B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2KO-WcOkoSysITRQ23L6Y&google_cver=1&google_push=AXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2KO-WcOkoSysITRQ23L6Y&google_cver=1&google_push=AXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8...

43 B
457 B

241ms
210ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2KO-WcOkoSysITRQ23L6Y&google_cver=1&google_push=AXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f716ed64d9139c2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 116
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2KO-WcOkoSysITRQ23L6Y&google_cver=1&google_push=AXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS8XtuwSMWSJHTIhyuDSdCSAyYoT70eX7Z1IqRI89uPMxdCz6op4z5qhk6Z3catVR2MjHtVH-Jm-M-Yj4ZuceWkJrMFdI8vCeU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f716ed50c0439c2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2B2B 70 B
265 B 95ms
28ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGefZBK2NEBdkbpOPzXxrtc&google_cver=1&google_push=AXcoOmSF3SDsrID_fnfQ9FWPm_YPaedkKnRH0yZYMw7u3VogSfDWbpyryq2iHQcNcQ7o8PgcETXcF1GUdUfRcbSixfcrZh7EJuzICrk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2B2B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELuAB1fD7JoO98HY_pqdkgI&google_cver=1&google_push=AXcoOmS7M6dd8pFU4AZa--vkL9t6_Smoowa0YQ8nnMZqRgL7B8D-QLstXC1BSASXVNRnW4aE7YFp9Jk4XkXweCU4...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmS7M6dd8pFU4AZa--vkL9t6_Smoowa0YQ8nnMZqRgL7B8D-QLstXC1BSASXVNRnW4aE7YFp9Jk4XkXweCU4EiC2OsLiUoWWP4o

170 B
409 B

29ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmS7M6dd8pFU4AZa--vkL9t6_Smoowa0YQ8nnMZqRgL7B8D-QLstXC1BSASXVNRnW4aE7YFp9Jk4XkXweCU4EiC2OsLiUoWWP4o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 12:27:39 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmS7M6dd8pFU4AZa--vkL9t6_Smoowa0YQ8nnMZqRgL7B8D-QLstXC1BSASXVNRnW4aE7YFp9Jk4XkXweCU4EiC2OsLiUoWWP4o
x-host: tde-deliveryengine-production-6ffbf575ff-tbmkk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2B2B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOv23l94Z64xmTKp4Vo-POQ&google_cver=1&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ4o...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOv23l94Z64xmTKp4Vo-POQ&google_cver=1&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ...

170 B
232 B

19ms
19ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ4oNM1INoBcq2TL4iblVSh3Ss0

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmQEhspis3aVG8W-6y-pTbmHy4HCBxzlxy8ITkcl2FrjXmlsxaJCQy1gSXObvm-5ZmHxho24kJ4oNM1INoBcq2TL4iblVSh3Ss0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2B2B
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELoztVPYixMhLcKd59Roano&google_cver=1&google_push=AXcoOmTyYCCeJWu1NWL3xsz-KR45PPzNHQbDOVYp_1nzLWMvVoEs4Sh8Y3klFlJ1MYExlvBAKSAgvxAMK3kH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTyYCCeJWu1NWL3xsz-KR45PPzNHQbDOVYp_1nzLWMvVoEs4Sh8Y3klFlJ1MYExlvBAKSAgvxAMK3kHAhqQ__XyW8iyYURtjxw

170 B
232 B

39ms
19ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTyYCCeJWu1NWL3xsz-KR45PPzNHQbDOVYp_1nzLWMvVoEs4Sh8Y3klFlJ1MYExlvBAKSAgvxAMK3kHAhqQ__XyW8iyYURtjxw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTyYCCeJWu1NWL3xsz-KR45PPzNHQbDOVYp_1nzLWMvVoEs4Sh8Y3klFlJ1MYExlvBAKSAgvxAMK3kHAhqQ__XyW8iyYURtjxw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 2B2B
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFP4SbyDF2f3...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTOpsP4lO_O8lPVTAOqm6bTiH5RMwCpdNarscw-B1Fx2ZLswOdhHldGH6JM5uZzY0O8PJvhQV6YrV9b-tuMZ9mQ39K6Uu7dpafd
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

37ms
37ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Tue, 15 Aug 2023 12:27:39 GMT
pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2B2B 0
50 B 79ms
28ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxTVc61qnN1SgquhJcvVyCyMwXQtZiweG0mRA7bwwcn7XlDykHR0mdHNM9W6G7di_8n1Tvwg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 944C 0
54 B 597ms
259ms Ping
image/gif 2800:3f0:4004:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llca45wy&c=8500324391241&slotId=4250162195620.5&qqid=CJTX1-_U3oADFTrHKAUdazoALA&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 71364485 Show response
unified.adsafeprotected.com/v2/1014661/ Frame 944C 16 KB
6 KB 196ms
74ms XHR
text/xml 52.19.57.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1014661/71364485?mon=71364486&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B27601193.367223508%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0jEe1VpUm4joEsQjPMxfM3E%3BEXCHANGEID%3D1%3BSELLERID%3D782567170054%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.oferlo.com.ua/%3Fves%3DdGltZXN0YW1wOiAxNjkyMTAyNDU5NzQyCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdVRmRkxtbWsycDl2ZkZ2aTBjY1JYOS1lQndwRGJHS0EwakRVMlkyYllXcVFHeHVCZUE1V3lvVnMzTHhhUWoxeEJTNXhEdzF1c0JvNTFfWi04a1NiTTFXVWdVMlJoaWFKZDJETU1jZDF2eFJQWFZEb2VMdkJuMnZTbXRONzhZc2RCVHVNMHpFMUZHR212U0pFWDRRejdodDZjZFdqM1JGaDZxVWY3d0dNODVsOG13YlN0RXVYRlZZX1pfdkFhSjNwWHZIa2czZ01VXzlEclVHRnZQNWdfMTh0U2lyRDJyaWE0ZFlqcHU4WmcybDZTczlFdmlXZ2dUU1NXLWlmTmFzMkUzMHFrQW5RSnpTcE1hVFA3cVhWZXg0bkpFcHpBZmI5RjE4WEo3NHhwTHJlSFdSd0ZWNGwwTk1WNTdWaXd1VHVWcHpSMjB4WDBqV3p5azRTUnRlRF9aT0UtVUVEOEg0WG1SQU9salNfMkItM3R4Sm5iN08wUHg0eVZjT3R4YWhPam5nRmxQaUEzeDNQUTFYME5vOWQ3NGdhbl9jRGZDeGJERmRPVl9OTWQzN3duLU5GX1NlcXUtTDN4Q3NUZzJ1T2ktLTVaMUV0SVg4b1NEQnBqTG9ybDF3R2hIcWpkaGJIc1Z3TmRLTG50cGZ4WTJ2Wm4zYlV0TVVWeWUxT0NuN050U055b1hFSkZsbXpubjZpZk1ha3dRTk1DUk9mZkllc3pUYTAwR25MSzMtSWZlbHN3R2p0cDdGQlNGa0ZISXFWV0wtM3VDaXJDUkhkZ3lBNEx6STZvMnlTbFZqemdUb0tTV3ZJdzd1VFQzWHJBODc5Rm1nUmZPblRLNkVzT3RKLTh5c1JKdFBYNjRSNkx1VGNmc1A1a3JHY3RBeU96ZERhRm9sTFViYWV6NjlYRW5TeGJMU3NPSTlSZS1Da2FLR2hoc05zUWM4OVJmTVEyWDNDak9sa0IwZGRiUi14OXlBaUFGQWJaM2NuUHNXMGhfbWFHWGZUY0hmd3NRUHlmNnZGdWNCR0FLeEJySXl5RF9mYngyNTZuZjJIZTZHN0pCY1QwNHhFOEphbU9xYVliOGhXVzJGcC1UNGplMUNqWU1fdWF0OTZHcVFfaEp1bTJfWERMREp2Q21PMFNyeHlsVkFUY3hESE8wYWl6bjFhY2ZBYnJjVkxNa0s4YXlaZ05Ta2pyWTZxcXoyY2dYUU1IOXVkbjQ0MFlSeGV5RTdNZWtJclN4alNuQmMwYXJ3OGZTa3Y2cFBOdTVNYm44cXRCN1VHVTB4Y2ZqVmUzV1VGal9yNmVnTGRDUDFqcWZvY1VuT19qVWViY2dKSGU4NmZaN3FrRWJfQV9Jc2F5UkpUdk9tSXZDbUExNHhnb2xIN0hvN2JQZEpBTjJ5U0pRM0RzRVJIeFRLSk9xMDNtQ20ybm9nTjBHeDBOR0VuX04xRC1WVEFRNWFwNTJFV0p2cmwxdjFTSnU3MzIxX1ZvS1dxczZoWUR3dkxOUDVBMnZSVzZUM0dGNUZmMWxaeHJiRDFIX21yaTVDNXVyZFVfQ2kybUpCbXY1dFRVYzJtRzhqRG5yM3VGOUJyWnB5b2NsRGVlZnBFd09RT3RXTkQxODh1M2t3RFpHMjRuTTdfX1JjY21lanhVSzU2MEZjZW5Ga2k0bEw1SXRIR2I1UFZrcnlpTEIzNG9YUHdsVDBHRzdZZXZ0Y3hVcG1yVTVwZkZySFJvZGpCMnltZklxYld6UTAxTG5IZU5QNGxSaFJxNXp4TVM5SnBvUmFLT3pKNnFSUGVJSVd6bGU3em1uT1Emc2FpPUFNZmwtWVFsS01wSXhEQkYtSHNmOTZpXzJzTWRmSVIxdU1FMmNicHNCOHVoSHZOVl9NVXY1SXp2MENNRDJCVkFyakI3MUZESHJYQWNFZHlfMlBHVm9NUjMwVEhmeTJFV2JGQ3dOaXdqOWY0di1wSzQtOHVOclc4WDNaakQ2N0VxYUVYenlBN2pyYTRrZlhiVS1LMWc1d21qakNKbUJPQ3RmQzFrdmo4QmpfbDRHcXNrWXFBdkdETnNOWFpzRVFraE9ZNHBlSXlQcGdmOG1jdkdQSm94QXAydkV5cTBiT3lOLTd6V08tQ2FQdDB3cjlNaHA5Q1hZS0xFMWJETkJmLVlVMXJ1NXFHd1Y5ZGxpSnlsU29wb0lMNGlRMDg3S0dPNmNLUWJJMkduOURFR2tpZ1FUWWRXLWU3czAxUG9KX3dFNGZvNyZzaWc9Q2cwQXJLSlN6TWQ1cWo4dHppQ2FFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNpc2NvLmNvbS9jL2RlX2RlL3NvbHV0aW9ucy9oeWJyaWQtd29yay9yZXF1ZXN0LWRlbW8uaHRtbCUzRkNDSUQlM0RjYzAwMjQ2NCUyNk9JRCUzRGRtb2NvMDI4NjEwJTI2RFRJRCUzRHBkaXByZzAwMDAwMSUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D191547418%26dc_adid%3D557904688
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.57.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-57-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d88ff89f753d596418b13c34d4d9ccb20a5c589f132fa8c52925fb9a882799cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 12:27:39 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Id: cjdmueomnlk1vadvajag
Content-Length: 5262

POST
H2 204 csi
csi.gstatic.com/ Frame 944C 0
234 B 396ms
258ms Ping
image/gif 2800:3f0:4004:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llca460s&c=8500324391241&slotId=4250162195620.5&qqid=CJTX1-_U3oADFTrHKAUdazoALA&fb=outstream-lima&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 944C 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lzned.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 944C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5lzned.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

75ms
7ms

Fetch
video/mp4

2a00:1450:4001:13::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzned.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1253A66343924EB67784D2EAB1A2F7717F3A18BB.72E422F42B3F62213F0784947D4F52E1F059BBA7/key/cms1/cms_redirect/yes/mh/NA/mip/2a02:6ea0:c71b:0:1012:38e6:84da:afcf/mm/42/mn/sn-4g5lzned/ms/onc/mt/1692102061/mv/m/mvi/1/pl/48/file/file.mp4

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 12:27:40 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 5227658
Last-Modified: Thu, 11 May 2023 05:26:02 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 15 Aug 2023 12:27:40 GMT

Redirect headers

date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lzned.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1253A66343924EB67784D2EAB1A2F7717F3A18BB.72E422F42B3F62213F0784947D4F52E1F059BBA7/key/cms1/cms_redirect/yes/mh/NA/mip/2a02:6ea0:c71b:0:1012:38e6:84da:afcf/mm/42/mn/sn-4g5lzned/ms/onc/mt/1692102061/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1A59 23 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 276427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 07:40:32 GMT
expires: Sun, 11 Aug 2024 07:40:32 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A59 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 10:50:27 GMT

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 5 KB
3 KB 21ms
21ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist11&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-11-shop-tiles-prepend&d%5Bcategory_id%5D=11&d%5Btype%5D=visible&d%5Bshops_in_line%5D=12&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

3c08caead37296d4ac999bb8253c1316e14ffb0b9f2038422a14fdff3aa117a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:40 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:10:36 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:40 GMT
x-upstream-backend: letakomat-ams-w023
content-length: 695
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:10:36 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 21ms
21ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist14&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-14-shop-tiles-prepend&d%5Bcategory_id%5D=14&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

2d21cf8128773a8c28bd61871d4a651859255262f344d5469feda8c47e2ab813

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:40 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:10:36 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:40 GMT
x-upstream-backend: letakomat-ams-w029
content-length: 483
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:10:37 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 21ms
21ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist12&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-12-shop-tiles-prepend&d%5Bcategory_id%5D=12&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

b50673465e0b107b61d72eb4c8760a6ad51cc2a94b67329a041c31fa9ed5f826

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:40 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:10:36 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:40 GMT
x-upstream-backend: letakomat-ams-w028
content-length: 474
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:10:36 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 21ms
21ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist15&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-15-shop-tiles-prepend&d%5Bcategory_id%5D=15&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

f4fa8d097dcdf64893bf5231ff313a46ad77243e5e3a843575b4e8b92d27798e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:40 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:10:36 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:40 GMT
x-upstream-backend: letakomat-ams-w024
content-length: 434
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:10:36 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 39ms
38ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist16&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-16-shop-tiles-prepend&d%5Bcategory_id%5D=16&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

97669564f0c0cbd2cb1f01d970e2dd7477f1b372a535bca516bf9dcf200f2ebd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:40 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:10:36 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:40 GMT
x-upstream-backend: letakomat-ams-w008
content-length: 489
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:10:38 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 39ms
39ms XHR
text/html 77.91.72.156
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist17&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-17-shop-tiles-prepend&d%5Bcategory_id%5D=17&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4dd5b33d1a2f65b8f505cbf011634c01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.91.72.156 Budapest, Hungary, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

07437d0cc202db9bdd86938852b3b3278e2c2a65837e134e704ed70bcc69d086

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: vnM4gN0mVk6B2J58f3GBXSYkHPUPy5tJMo2z_LAWZIeLKQrsqXNmY8KIqUxPBbMyeQlpvXu62jBIyNeNhHos9Q==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 15 Aug 2023 12:27:40 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Tue, 15 Aug 2023 12:10:36 GMT
x-powered-by: Hyperia
x-proxy-date-now: Tuesday, 15-Aug-2023 12:27:40 GMT
x-upstream-backend: letakomat-ams-w004
content-length: 477
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Aug 2023 12:10:37 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/31/ 938 B
1 KB 16ms
12ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/31/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:46:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233648
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2Kz2baeSs%2Bk%2BONCmE0HNF5T8TlLwvHWwoCZcFXBCB4FJDcXoUyqS5z3PZ247%2B6j6npeKSTLG1nPs5cyzNk3ofqN9IsyKNnzGqSb271zvVwXCHtjPd9AuhNlMwvQ7x6us69KDLwDhPpWs7IsysMw79Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c103a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/3/ 2 KB
2 KB 19ms
15ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/3/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:07:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXW5%2F4H3WsiXbmVabqkcKipxoKfyGxBb%2BxzIblHU0yjnBEY5phkJRm5pum6qrXdt%2FPDNcU652Am5ix3Y5ftgT7OkWcSKWixjx9lyAS2bJ8ZfLNaCIR93oUGt9LKKXfYjKd5izHJatOth25bP5ij4rv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c133a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/4/ 1 KB
1 KB 20ms
16ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/4/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:10:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233648
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjYgZTUjtHQuApDvVZOI2CVKoYOXuzCxTCZlz%2BqeHkvyiz%2FOyyBP1JJKuVydLDlAxA%2Ft8JmjsrcKBiiDjcy%2Fsf2cOkcbjMXT8AQRri5gRAp5oBUCbXgKMsQEtMR3%2BL3P5W7l%2F9vFIBXxTG7UBcorUdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c163a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/35/ 706 B
1 KB 21ms
17ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/35/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233648
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zx20vz%2F0Db1DadzLPBqfQrrmAV0LwoXMiu3DUuZxAkAkA3WDmsr0xo403%2FyiwPLT%2BMcQc%2FAm5NoQ4K%2FJRhpu4rJew2k28zvUuQlY86psqSHhLxj7X99VMCr8QYt7sLhAAXYm9NPkQ32jTUjZ8hQj1vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c173a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/1/ 1 KB
1 KB 25ms
21ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/1/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:18:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233648
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR%2Bd%2FoWXS9L03wNGJm7y3xvq6LxkjSJulZTd%2F7hBdSmiYWrjhohOuMl3wK4N3tZHrtqd0WHkpuHjol1NndvlCPbftM9OE8f4IZ5oyHtGiW6k1rgkzqzF6gI9pYyLyIN4UFabrm65eJDPxnh5BK1u8pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c193a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/2/ 1 KB
1 KB 20ms
17ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/2/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:18:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncBKSp7XLqUauqgp%2B5CEBklY7H6SpxyB2PJIJHVDazBuCjC8iMTHj8HC3akfamOI8yQ%2Bma9gqlTK%2FECw%2BX%2FaEdQci8GG5xaDw0dHHduFGOB%2F1lMvQJdLJkKFC0%2FMTq5TTj64kJN8dCGeT4UenrdrSD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c1a3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/9/ 990 B
1 KB 22ms
19ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/9/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1223547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIWmZX02hilSTQKqIzvXKJdwcwaZHxZf52l8zVG9qMK46eTSGOfHR8D8pqdQOD43Kjo1lHJQnoaukQLx3LrHQUmNeleYdaPHgfpbovXcyJKkMYv1UEq5nSVPinTWV6AAgCENKi7vVBpS163lOiARKhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c1d3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/33/ 810 B
1 KB 19ms
16ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/33/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:07:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1223547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7biZPCbt630z%2B1rfIGMZ93VJ1gv7pu4ni7HnymhKUBJ6IisvOQ80vAlJx9fqIUufJ7pt1qfAKhCfAPJQPa%2Fct%2FW98v%2FW28Ds2JUu%2BIXN3Tnm%2BwVvi%2Ft1d%2BdZ8DSwINdLLxqsobh2zfgFcdcelgWK8%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c213a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/34/ 580 B
901 B 21ms
17ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/34/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:04:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPFtOqDSwk2e6M7jVPRCt3ynPeIBpWmmlF14PySWv7%2Fr%2BIsLOjFO%2BJljEuPISNoAUaJXwGLts05Pdt9qp8DALnO7gGq9bvy8jxglUr7YTRKvv0oQDHlf%2F5nAmUf0MH0sfEYxhZ4MAWLGiS%2FgpzvuiZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c223a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/8/ 1002 B
1 KB 21ms
18ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/8/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:05:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nz3vurC2ip4PuXUq3vmdBYyqI7ttZi26EfYMCI8YsliAy%2BH3QUr9WsYCLhZzpH4tDwIqnJGkjSfBOIaCzKOgo38v4TErhXji3SyXDvrKpyMuhrZ6lmgZVhxZbgL52bFIVcxIsINk1git9wOwo3P2BMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed79c233a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/5/ 638 B
955 B 23ms
20ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/5/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:00:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149478
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASsaXYqFMMLbGYMrKD4TD491rjtnQ8NkBQurtm0RvDu7V9XqDK91To%2FDk674rwiVjTuB2uZ%2F54OZLStGOHb1QWmYrtBD%2Bxh2Ln1wuWRpOAsmdpKdqO1y19KPvEiCxb%2FLo8cIIlabkrxhPLF%2Bd0iCYE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac2b3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/32/ 724 B
1 KB 23ms
20ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/32/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:41:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149478
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xy%2BLcd3Kwy7%2BJSL%2Fd2gXihG4fxXYV1kaVoifm7cKPkbC7dBUWY5%2B%2Fwo3UvXjKN5OPsm6ui%2B1doT9hLSZgvjNHTSC3Mxfz5x0quemO3AqcKTImUcl%2FpgftX3G%2B6z2K2wVKvsALaOuBuKUobFS0PNYI10%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac2d3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/16/ 786 B
1 KB 27ms
24ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/16/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:44:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149476
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxGVSUoVUCEyqg6iTWPUMXr0H7CIfZJ981nrUbGpxuJ%2FO2PNlppTPFLoW8EwGi%2Bvd6TX6%2BKFkxOrBS0cviTY3uH9xwzUyQsGetUnSxprpU5uT6u6elxQaxE8u9GDLHBWv%2FFxMYuG30HJLe9Vwump4i0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac2e3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/17/ 824 B
1 KB 26ms
23ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/17/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149476
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yjezx1C8wGVpC8wikrbkcOOarE5vd5CBWZ4KzOV5Hc%2FBnyMR54HLUhfMgMXlNkQdlcauuim2driGhLhKlUDRIlO%2BcsaJyqpCrUiVl7ABRJyaHBdYsxedg%2BDpB7OLM2VsQiPfGmJ0iL5B31hlDZ4aUyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac2f3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/15/ 1 KB
2 KB 25ms
22ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/15/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149467
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tICSA5hOXrTDsrduN5Q4ksLwK0giAEgxmFr3NyeHL5Lhgp7JJCBZMB23it78pZYfZmQuyAP9N1hobo5JVqt2nbJLAkJN7QHwARUuHdrJ7nkcgaFhKx9Ki8AP2kxlwOWkC4USa9LFlW1mdL4a3Fjr9QU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac303a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/14/ 796 B
1 KB 27ms
24ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/14/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:03:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149467
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4I6teMkssmkPROTSbj2SdHTwAAQ2WeLwmqBF0jQIVql6psp4I9DIxmRZsami7rwprl1jkLQYYDhFPW62aF%2ByI%2BylyohXIeTgguA%2BTCnbXgQ9tN31Fc2Viu3o0MGsXwlfKg84JCto789O2OjEKsKjTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac313a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/18/ 622 B
931 B 22ms
19ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/18/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:11:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1223543
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A9AsAcL3pBzc24RajkUwY5gnyrjwLvaF0nhHR7HaaoVWfevp7c52dDZRJRE9eJ435CxuhROcIJmyex89hrgMM0eLqC8bwFocXPpg6gdUyAVCA0TtrI64k05lbd9%2FNGq9CXfDIptbv0tJkmlquZab1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac333a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/20/ 1 KB
2 KB 24ms
21ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/20/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:44:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149466
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggFVFd3jOA6YD2w72IcNs8kglTBSsRlT51%2BaV9RFA29KZ5zdWVfJ2QMSpa133j57Ae8LcqB9%2Bs%2BRMzUnRFW9b8qO6lwHR0FNJiRQk1oAimjtjPhPEb6gD8laIjvcFLvEuhDtj91JNX34n%2B4e3YZ5rIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac343a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/21/ 838 B
1 KB 23ms
20ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/21/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1223510
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIHObt%2BtYUHXELgFQzfZjx6u3duHWsGp5QSv7iuK1d7%2FPfG6coWqHSNlXNxj5%2FhMG1Gm5TFiP3lQ84K7Jr%2FFXsRfdPd1lu7bYlPnn8Pj7vi9%2FdMvfR1lOTxaohuKlHHvZwxqg2ywmWGoHP3dxBwq9BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac353a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/19/ 918 B
1 KB 25ms
23ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/19/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149466
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aan74hfCM0fXxs2%2BdO%2F3tYDNxs5qDKAvMIilxD6nnHuQYG6giEZ%2B635Nx60BtLs%2BhGPsfzyLP%2BNlP8id%2BweuIRXPZIOeGMIqPccZXNEbrz%2BiwFfDabvoeR5cA4mNuhBDg3E9ese%2B7lDcBET8XQmTdY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac363a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/22/ 798 B
1 KB 27ms
25ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/22/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:44:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149466
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PunMzkoiU9WVPlfRi4GDl89V%2FoyEp7KElQhCUlzwQ0IFX64zdb8aB%2FG0HSEZ%2F3KNGDcxl%2BqBVgb0cUoCkMjdqRR%2FgTV%2FNIFTCzW9H6bgxYQlnd9BV6jhbwyYdXsAR%2B2ygc0KXEtNgeqLXV25quuod3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac383a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/29/ 776 B
1 KB 28ms
26ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/29/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149466
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4sGn5QAQF3BBLV8Q5tz9Yo2v9edNPdaMeC7n7Or9xp2g5iz0aO5d2yC3itTrf6V%2BVmxvAA3oYMBy3X8pFMkj6GZUZBAy0HCOEHSR0BMBxYtAe9pugLb%2BDhqX1CtgzB9fYJq%2BHExMm89Uvv5sZsPTic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac393a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/11/ 824 B
1 KB 28ms
25ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/11/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:07:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RMpbX3aIehxNKiklsUhoT%2BYS9kmLMO675XABkVyCXwV8waJUPm2xDoIkIrbPL6OnS5RS1uby2y3VCrJdcSqKMqnxO3WmhIwcSL3ZLjVemcpGdj7w0DnIVqABBK9qM0jOs%2BRuVURdBpLnDTp5SUTUZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac3a3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/12/ 498 B
808 B 25ms
23ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/12/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:41:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149466
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgePhAmy%2Ff4pby%2BA4T26y%2BxVHxliCTxXvIzV2DW05PI7ESnVze4CunCBc2jz60LWBPNsW2rfCT7NisFvr2fJhaRV57xEeRTShvC4b1nhSwe8H%2BZNIQnQSonjRAhY34Dqt2fFFIctHxFLs9PffKJPfQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac3c3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/28/ 828 B
1 KB 23ms
22ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/28/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:05:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1223509
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIgsayKX9wPlKFVp9w0yhWrq65vCTR32jkdRTQDveulnAIqgmUN4ka795yLovec%2BHquOB7Qiqnf3o%2FffdDOqaE1LObJee3RqqEWlLYW1FBu0wFMNpiZHvsLnYQCjfgBoxQe9a%2FvDkeD1%2Bytu6m1wPZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7ac3e3a78-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/24/ 786 B
1 KB 23ms
21ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/24/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:08:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeOQ5%2BqxV4h%2BCMCXZhOlk2Ept2HXnpFNxkkoQT7mx7%2BMt2YYhrk%2FpfTVO9Rl9XB3DQmoHkK%2BI3UFiqI%2BW4tatxbJKqSNDzpLZjAAjpXX9F3ePkwAIaS9SDNK9jrx3KTWNEX0vPxnvwqbU4N1Bwf%2Biaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7aaab4d91-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/25/ 1 KB
1 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/25/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVkepbjcWo98Q9Vx1y0LIbJueb1WP9qbA6CjBC9GVLER8WfCorTvMjQWRJkB2G0SCAGXCsLxru1P%2FwStfapNx9X1UPpapQ5EWQwtyYg4CR9cybaYQjyLh9fA6MRaHG4B%2BA%2B2xgTVPT3KsTmS21H%2FgPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7aaac4d91-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/26/ 462 B
939 B 20ms
19ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/26/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:20:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAipfDZj8J3hzqrRwS82Ym8jbV2KWKFt25JPPxuUFfeN%2FWrXhyCeS3LNTQc7qG3o24uzVmkaRFwgo6Ziu%2BY%2FRNfx8zMs58kgOZ4BGJz44VedSpLf9E2RkrIl1RwRJK1flw4a4I%2By6AMzTPGSi6s%2Bs2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7aaae4d91-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/38/ 548 B
1023 B 20ms
19ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/38/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBMyU1nEPzUjZA4UF1nKA31%2BUNhn7LhOjgCX%2Bpwi1qmjuKPD21u9r9bwV9fYH4dTR10HWumzxYdvDahsoeZHvOPVs5JfT3vXbwfV8z%2BE9jAefuUbh90ws4L%2FtkPJMVjsQWK2cPdpZCRucl1sGo4pIPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7aab04d91-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/39/ 552 B
1 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/39/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:13:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpC17puewarToztsSyPJjkJRbFI7LY6dAHfKpJ7QiwFSgPLwgZiHwQPuq26kdmtMXpyOO7HZd5O8N1d2g%2BGBgS8GU2gCpgbXxsf3398ydlavBsQqq0zgdhGPmHC%2BfyPX52qBDZkHkin8fpASZ7SSTPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7aab14d91-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu.leafletscdns.com/com.ua/data/37/ 568 B
1 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.leafletscdns.com/com.ua/data/37/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:36:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7kUSUCNRpaCJPUiTI0%2BqUue9mYnYnyTpria2mht3cWI6PBQn%2FEZIc3GLLjVWIF0NRkae2DcrbGsMPOFiZKYi23cwKnPVpN46o9lZ6OFnxNfTFotlJP9UDcQhs7uglOknWxLC2JRAhiGNaZtm7j1ZV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7f716ed7aab24d91-FRA
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 206 file.mp4
r1---sn-4g5lzned.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 944C 166 KB
0 17ms
7ms Media
video/mp4 2a00:1450:4001:13::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 15 Aug 2023 12:27:40 GMT
date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-5227657/5227658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 5227658
last-modified: Thu, 11 May 2023 05:26:02 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A59 0
20 B 111ms
111ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bm-2rO2_bZL6RLOzBmLAP6oWK0AwAAAAAOAHgBAI&bg=!IiGlIXXNAAaiGN5Pghg7ADkAdvg8Whg4mJqOGRaLKNmp8v8vjHOtRL4j89M0txjPKkcXbzVmS0rHv82CpV5FiO-2c-rnQSueYToCAAAAY1IAAAAIaAEHmQMYsYt7ksUJf7lh-swPtn8N0F9bSHLYZn8gfSf1UTnY9KblZtDZA5qxreXVbw1JACzkx_2NieqourUq207ND95b0bvzs1RTUwXpA60DFHc2WS6CLdwVV9p20a-zfFto7-ge1vAFvGdPE_GLyMfrX7UFcqJKOgAJ69liw3o3YWOypuN37bIwSyme9cEZXgzk4XG3QS0L0muGPzInsZBHOa7gisIhERjfLasmVc2Mwbv-kFrp_145SFQ5mqnfmLflz-shbTvkhU2AN4IJ0pmL3E9E1h33lh3Beha8RHVYrupFvK1TlzwB_REriVEeJPBglUehgxqoFi7vn6BtTzeAeR9nZYOsPxwgwKTH2glbFdzk5unAk8Zu3-WNhRFLuJsEpc1B-Qv_1xv5TljvRQff1vf0uN8NvSYXzlylVAIQSjVrTzvZfrXpcmxLROXBVqemcnfCpWRWiRePnG7P2o0j4sLbSo0lEd1MsajHpDI8j2SmfsQ5L_HSSbz2oZJillp6EpmLMw-OJMjGI1ugDe8QM_5DpVoPeTQM5svwLPOJVMegqXcT8GyW70EFKamRBE8iTYDZxbOrj5OPyW1y8l0E2ueKJmKkZhQ2qf9kjkDFQkEM7u9Gdmeb0YTCjN8z5sMsqH7Lj1rFMxE6Q4fUm2Pdf14u6hkvn79VE5kh3WYvjwT6GMMymIPzGZqAE6wWicrsHvBI9T9L48YjH0sgeNVMG5mZI-IAjhwIOhTkjPPj7pbHBtdzdzKX1CCCMy0VmHR8WkMiC0EIAJCyaEP6ETl6oZUT-VNItkd_Lhto_pYtd9qqTHGyUQ3Dk_8mUZ-V1ajd1-Vxz9O5kEXqPm95dShNh0c_84I3PIC9eEgrzubNe0T3W4eod6lhYRz78NMFLWP05phlEyrMzPXFgRCJpHrAo1RP0_FHyNmyzZD6ScOti5OYncfDlgggb43DHUmCgiAIOWG2860oPrhzimIMZShyqrmaMOrTBGYXyXSBqb4jL9QtDTfr2UeE3UTJuZK0wCMf3CXJC_OsnGQ6Q5wXwehLdCiU5WzH9td2fcEx

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F343 624 B
242 B 50ms
49ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARj54tzgATAB&v=APEucNX7EX-B-HdtFqM7vptwCr5ufV-FWo9d0lsIHFZkLSnthldsQvHAgF5tVd737gDjDC6md5t6b2Hk8yn9gYVtD6h6suK4Bl9LXBNrZFW6tRvPVxOWjrJBA-KcYFgAkz3pVZj4e4h0DjwTyuTOtRKDAXWXEONGkn4QNumVACLSwU1qLUR-DKY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:27:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 12EA 86 KB
29 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:40 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1135760/69474494/xbbe/creative/ Frame 12EA 258 KB
79 KB 108ms
33ms Script
application/javascript 52.213.146.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1135760/69474494/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4UE9OSA9hH4jC5CyBW2KldR98Mhazm1SGHodKVZvlPGKhg6EG-OMGSigZGy0JtDOBjfgBgSK4vuAiL_YAw315PwNLmuJQptOmYlESiRcAoCZ_4EOLGljneM17iRZP1_kBBNo4nKn4O_hZ-TQYg_WdLkmPM7kEvE_GhKluAyNKZNUElYjZJSTa11P7kyzw_uhBL79c7OCNLxg5fNAlGpSLUVhTWTBMbpb6Xki-LWQFGvE-xBGvF9yXitytBGk8kce38n6r89lbqdxwrqnK3XNRZ5jPjGQHwIMP5DXtBsyVDkri_QNOyL3yjBmBlFPfFvQJBHkbjbYJX5LDnRntl_0RLknLtVJLK3aUJiZCqMCV2CuwhgNspJucNbJU_D-k7MAxXzAQ3fHPjoRTINsiiYqy9ybE2SoyLoIEh_sRXI_QhDaryth2nRRyh45rRtHgptOoQ2nCUGryi-hvh3Yt6y6nZu92cxYKpxBIvZeu0QpajE3hwr9quGuzbH-GH8NaQnKNMppkHm7V9uwWFlOntNQW8NXw4-FGV-wP9XNpe0XqqbuEN1RwLDPz1Mc2ekNMAN7vD6FB_hYp-eHOcizaDp_YY-a0kuOgpeOQbscUyh-Atkb1Sj7Q648thQoHTKcaKDHCMUe4Fzj0xMJNjIVv1Pj__tF_QoFYblEKMT91t0R1_hwGCgPNaf8JBPJ030LnK2PZCMZQV10H9IM15haetYveNT7VUf04ayC1JUScmRaydm6I2_o_VSPs1-Ucd8IygnYwI_aV8q6rUbGKCSLuwfBzKI3eG5urJzpihU9RwVX_eVlMINejS--CTiRQyxD0ZI9DGFSw7KGBBKwr6b8OxxGL1CBJrMrsmkZK7sGEpRV1nfVRRQxPvM-a01pYvx179CT3x8duQn6Zad58ED_all-Eouxkyl79pmskWDApBRHxoL8EAOMD6_SP6308XGJsutggwiee4SXqd7Cs8afSmfX7mhvsNoFw621MxwuMdCu2icG_be1IXN6vczKgsZ5172_TsdHQJa4znosAj1teZ9BKH_oalxryU_WAOCJeBkFLbOF1WsvF4P9ujlWUCIs4xE1qIXQ5-hW0gm4cQ2qSZj8Meom8m80EHnI9mb0VT0W8yxfUySaMm5LcTCmIgzQzcUD3tC5tOJpisL_RWauLsStmY1hF6Paoq0ReNLXr0rvCLCEyl3umi6KhtgFY1AcY4TAm_NSrNNYgjUYBzzUDL7LRRe0jSN0pMFabuZtRboELCzxz1gS4WER0ljGXo6850lJGiA31yvCiUgT-85ZhC0BykmyNP2tgEdmTSYAiAZplHMl0OmfwAJF8FKA9tFPHW5jSeIYCar4ueBT7-yj-N6zXh2k_hivlde6e1SJSLj22AasURde9X_FXEUxQlr_hZyfqZrCTtRMU1vLtkBNObeguTDgwYFoAR2OrLLuUN-1nr4FpwUB7TJt686BXGY5WIdXmKwjpK7xr3YlLpc6LV-kOS4BdQ3tty6HEVPPVVYikrO17n5NHl5Kmk0W-pKjZzVpqV9d6WbBVIbhR9hOd10O_AWGcBSyu28QOxjboikHHL78rAPR9bNlq_RG1Ox2FvniUo4KncItCbBbk4JsL7ipDuR4XM9eg5zAoVFRvbuB2c1RgfKKRP4ghOWRsYOdKCjMWVp_z0KqvGv86vCQnpfPJu3_9Gx8CrMRTSlanbxZCs3AvPyEfqZmV2uawxZ2zDGkofRh_1GkcQWworuEXKJZMatS5BdXH1iEL8F-yp5sfFFF3rbWq98XadtCqtDgwW64j7MyYZ8Dtb-d46k9RtEkw7n_4FtK27h6ty2dbzusWG6FFnGrcmcg4lykeNB3r7tP8zapvh2S4jfOZTXdRoYYWUKwBjBYl8wNV3HE7YZAaCEPG29AawlQxB-ONESTWETr8CV8_n_TLQDApGQGEOl5GPqqz8SThhc4_VB-EZ8Kr4cpvzh7eF7iYzxGJzQRzLY_G1_5e0iTK0zl4SbkPVzNTz1gWQdmb5NH8DEAGnzXVfd7hzC5WuhzxjmcETkzIgFsHh3HYxxmHJIkDDMYBeVOZU3vQ3Axvn7qi-vTiZ-uGCfCLneTFRT9cMtneFXQMQX-H8cE0bKk_1K65jCgomZyzD1soBzehvv6cn_XTUPu48hrLmorfpFbOvelrFEgGa2Ai-qVreLgeqDySapMQMDoF1eDLTlqsB-2kkvo8PAcZRxJpNVV1MF07iJUcWYE0Ur-In04banjDbPf6wXLa8HsMvjHCuxPmIbg7u4LiiYkV7h4z-4DELD_GBYBPFxw_6qfGBnclMZPFIcTMdfN_o8WOa-_LJ_SLymoE_D_1ANivzHmgDdt1quwcth3quTFSW_p_bk8P3Yp6EfIqPCJz_OT9qgPfLXQjrbNhbM0lGZM00n1XyM20_-PB5ti8lBc3orXCZSgbfKfRtn2c-978rHQm2ZfNPYKGwjyLuqMCMaB5TpidMb2sJHrLaK3z2DZ_xu4o7kOctIEp8tTyF0Mb_pW6KuCfqwNH-TE8lwPfVQi3DujHSF_h91jHaUkWqNqPTS35UTDXWcnrHnlcginq41RwFkKVt9NcjtKDGFtsdLrwAAU4uFVzeRx3SH9JB15ZgYemVm62XdLJcV4vRu6_8XebrZPr70-zDDYxc7mny4cS4DWItmfYXhl3xDEYX_cEt4JDoYWFydLABGXNBuWJNcDsXEXbJFPHHzmQpFQBEWVBwUBdQSP6_uyHxDconQs0PNVqQb8qRIkgc0OXhiSWKlSoBmhvmr94mnbS-uA_QpKY-IH0KPE5PtJlbt4OCjNRa5KaJLiaUuMK7zlbWClOOeX8lMS36ukLVo6X1Nc3KXGw6D8kWPb7rHYMyJalZ_etP16HvAjCeuDWaQVwYVAFbonXDrCLV2I8qJ5A3e87tN7eRO3vPWsn2Pezn2hew_6GrVDwNpHe703AvbQTr7i5PWFdrz7Gr8nQLT8dIPS3raILZotQRNlF0kdOK1mDv5qB-4QRSSXF-UhwwfXa-KnZiUbwVW3Bng9WJUTao5gyUIdlcMEi7ukncbXG4Sq7KZkbU38NS2wYvHrbjem3wT_xra91P37rGPFrEx9ior-ahEEPsxpGOh0uh0jGjHv-lxZ_9EvTqWhOJ3EAuSt-xXApqpO5Cg635gQe7WAqILSRX5fih1PVXGqE1FvrWeGoYpBee9iAr1tdEcyHZ1FPmUYicu6JkskjtlHxbTYgWo6zUI9lohF6R3kxEeEyNBDDcZz6GZAfQbvLVahH3vNuQBVx5vL5ExmiVllpUbbDwRaWa1u3l7SSNqnqnQ4jRGEQ9TIpsmPO7SZj0U2xf-yGdhDNh7m3xXk6bmWv90xu8YILvNSjq5DUJDxf1cwUpDEgGjom0EB-FPzMz06FXg7kGNET_OpDdws5MuX3cKsa0zrWue-5XIE1SV-lPKbQCEC-GcvIBGqEea-gw6KV1Eej5bgmZ1w1vcKU9Dt0PwcK4__CNT7ercu8xpRTXLYlssz3qZSp4b8l07rqmOTDyMnNI-Kd1-e7W7K8dw94MxZj0CaEDVD1x7C0jtZS_vTG81F6nuTdn64SoS1sLi2b_wGGCr69uD4w9ZFo48kWYCVZvHJmI4vbPUMHQCyDktOuutN7DdrrpHYOTTcJbg_M0wTLZNcaWpZg6jV2Q3cCeZKFJPdYSUxqU9AUIbwS6XM2-sdSFJb1zy8WNgVl-s5fejJdZhR_kBKY-unjcFVKhr3S_NLnKncB6RNNJDf7vXCN3QEwPG-a5AaJ1OobQqWvMJyzyvPronLx0-bcZR16-guUV1ffO3t0XU222yavsRJFds5_6JgsGqQ1VGbQvjKLuYoalVXcURMEFp6z6i1G-gTMr2UwylNolKjzs__1u-GORYlbIKn_JEHvlNBcwECo-rbFt5eOMGidBnOiSHEbS440j-QwcAMhi4012vLJqptULFbErfS996MPw9RfPhTfn7rB40oVqyG9cFDLYTBqiCTmSrKrkvdwObxmrHX6gt1PSMvGxPhyEkCYI8HQ_W5QGi8IBBIpAGkCUlYHgf8MJt_YwLCFpukKTWWREqaLxKEqm-HdRJ_n_C21AcnMH3EYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=20253320828&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h7NYaFMOVehTFQ1YWRGiD1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.146.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-146-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 98257f881d41a98eb04cf92e2fa5776b332562102537141023564ff9525072d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 12EA 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 10:50:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 12EA 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12EA 180 KB
57 KB 56ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12EA 42 B
63 B 106ms
105ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaaXc0TvCCRZOW7lTyTCnTEITfu8E19XUxonYZ4BbDtT7RTGk9FC4dvuAwHzOFxUM45_yLezH-LkYubBfw4csahyX8tZvDewaCxnkZ1_wMXq_H8Nc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12EA 0
20 B 105ms
105ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6308277497056461604&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F343
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1&C=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARj54tzgATAB&v=APEucNX7EX-B-HdtFqM7vptwCr5ufV-FWo9d0lsIHFZkLSnthldsQvHAgF5tVd737gDjDC6md5t6b2Hk8yn9gYVtD6h6suK4Bl9LXBNrZFW6tRvPVxOWjrJBA-KcYFgAkz3pVZj4e4h0DjwTyuTOtRKDAXWXEONGkn4QNumVACLSwU1qLUR-DKY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 12:27:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 12:27:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F343
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtvPMUz3mWLpG-fdJL3AgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARj54tzgATAB&v=APEucNX7EX-B-HdtFqM7vptwCr5ufV-FWo9d0lsIHFZkLSnthldsQvHAgF5tVd737gDjDC6md5t6b2Hk8yn9gYVtD6h6suK4Bl9LXBNrZFW6tRvPVxOWjrJBA-KcYFgAkz3pVZj4e4h0DjwTyuTOtRKDAXWXEONGkn4QNumVACLSwU1qLUR-DKY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 12:27:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECiFDnqEWPbETHPe1U__BGA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame F343
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELdRbt88PRJpNzAnOPVG-90&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELdRbt88PRJpNzAnOPVG-90%26google_cver%3D1

43 B
895 B

13ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELdRbt88PRJpNzAnOPVG-90%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARj54tzgATAB&v=APEucNX7EX-B-HdtFqM7vptwCr5ufV-FWo9d0lsIHFZkLSnthldsQvHAgF5tVd737gDjDC6md5t6b2Hk8yn9gYVtD6h6suK4Bl9LXBNrZFW6tRvPVxOWjrJBA-KcYFgAkz3pVZj4e4h0DjwTyuTOtRKDAXWXEONGkn4QNumVACLSwU1qLUR-DKY

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
an-x-request-uuid: 6f1c6833-9049-41d7-996d-355c132c477d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
an-x-request-uuid: 9089c409-480f-4a76-b1ac-f0e6568bba49
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELdRbt88PRJpNzAnOPVG-90%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F343
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D

170 B
188 B

28ms
28ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
an-x-request-uuid: ffbf527e-665c-4864-af5e-69a49d4a4e70
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D
x-proxy-origin: 138.199.38.134; 138.199.38.134; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12EA 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1484645534206&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12EA 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1484645534206&version=m202307240101&ct=76&x=1&cor=6308277497056462000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 12EA 16 KB
12 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsmhT4gZIuJGV-6qD-Byut0GoZCiPiNA3QtrPeIUBcbFr335wm23huWvAaTrFAcmmjVsSkbX3_IvYTexEPlNiCiozw-Js4-XNYCVzJShSSsgGdnhqm4-_aRVbecc7_YAR7PlojPn0G34YwTOH-_WNi0W_I0vpXni61LoNDl_BFCBGo8Rw&cry=1&dbm_d=AKAmf-DGdzcMkn3mHrbp8jAATWRsPpdEUuXvAtxm4jFPuBi63WMzYmdWXcrnPCDjnlI2DokhER_k00I-XUKDe0-_nfzxKDppdXhl3sPQkt9IeHnBtPpD_iQ1f1L8sX4KboGlIh4PEVDD4sbN-VBV5ht4VpVazoftt6KK24eHNTaDDoFaxRnrfMf7bwyWBBfs6EPLWqkbb8e6oM3Rvzr94sNT-q2E0YGLEQajdv77vedy_lg-KvzrtcvBoHoz9PF_O9dOB3q456LFIVV4LUgyxf_4HowgYTXcVAUXKiZptMzwsQFAz5J6dNhrbYrnh96BBclSPvpB2VQxxZ9hvopcWrejxlZMSMHVwG9TuTALCReRoQOC3I5WcoG8tbfG14hUq9Mt4GMzCiPdaE7kdi3bO6sJuvmu25N73lST1MWGEb4WHF4mnItilirAVscvd4yllRauvkxNLWhffAt3J1YRg-Ne99nNo31xrQ2EuWEMlJgACGuCAo-Qgs_M9e_ZhSCvm9w0BQRLNhesARNF32gbnK7c0_-YuJp_6lj6cf1ox4c8LPOETYYDaGepCMk1nH0S9eZlqMI-fPRxMeof2e7QLeysiEtLHKBmZh2dlDJDc-534qzrqdx4P5Yw9yh6EutShaKV8zQ6dByEsL2plGwKeeq871FHHCpAAdhEEypxyegDSRQt23y5tkp9kNUr5Y-kigrJSnZN29wRq0BVnkms_roGJW85AQT66ISFf8HBMkT-5jEd-j85cXovnF81_sGMS-1C28rKICPmxqhassUgBnYTabA4RQdmilI2Zfq7GwwZ3TCP3FqQuzfL7vMbbtFMiIHxJuQtPqFNjpeewV5IwUpWcFOsKvQkvlBCkNgZqpsRTxePIbcGCMw5wP_Qki3ZFNaoZ4QbVgWsdO-rutVAc4WSiyAJGDTN-P7unPjs3B5g67OlNBoFSCjbVOIXE5wcpHlyO0KPs3TsQV6HElBf5jsccR93JTSAnkc3i-RLS9egs04ThwXg6l2kJa5FHyTiLzczkFzqnFpUFm3IwAILkAemscL-oTSxAuf02Yt0weprjnv-uPkGY0AHnQcl50wlB-c47LpPbcRBHY20ZQFao8HMqPV1pf_awX9C8c4ohORZnO9PLEL8ve7ERWJLdaVt6WIfyHcv3Yre2W5MABcuKCAeSHagCt0sHAZ3x4JqsQFk7nD8gpcGjLk7y-YS-JHU04qD151uOI5sDbhbkpx_ecGMHNa3ve8UlH5D5ywAh7_pfGggDgaoNYQ-Rzc4ux0ZWMFx5Ie2R7lXGONGcDGZUIjssjJ8y6MX9HpgVUPfLwbuhdCK5DndGGY_hElZvAOMTo6b9k_ot9BZ2x_6jKBCNCBx360LvS1ly9lQt9JpfdJn9vLvdGa7u_X5iTZWa_vSsjNFzRVxAlmhLcsB3NES1HuXSkM-9aXwLZlK3tfRAadP1RUdGZWWBkmzUTfMmA09tAIUiulXCOVaDPsTr5dmYqt9XB7NzRQP56IH28DoOe3u--wasRy6Fo3OOrHMYXEaoZHaz-I-TMcB5ZmXrvmvfkU1-uh4OnoB51A04VUQysfx3auzg_KyTHgTXZnSjOk7Mh1a2UxhPGG6YwY7ZtCdLRqs_z5NiC2j6i5n1-AJeVU9FqEw3ZyzdIBXkw9o_NmEULdwXcCmxbOXq9O7LryBXfz4vegjqZSj2bC65mAIODC-3GhjkjBMfZyKeJ4fZGtyoWa4tB5e1DBjxGXzlXANx7eRGAvCXrCN2WREEHRLg1WdGkrEpydQ__H4IcS-ev6OvhYa6jrKxw9meDOmS1SvgN8apJQXuFH0UIIN_P-kEjlUM7DaeKlDK7gwAAnAIFVcvo1Kyi_sESY4keYk2HJ20utTXiUy5OPJKD8XKBSlhZIywR9cXdXupgUCjj92cEl_Tgt1_gKkviSDoLrG65N0iKWmXKrsgEHNdpsDGAdkkbLxXSwi7z3pH44NtIAzLfZZ2TR6WmbpYr1Mo19QJRLzyh8qpZHUuo6HEwgcprjGJamcr5R_xUwXDNe7BhfHMBXAtLYaE3fQTwn7R86ddMXYwTgQfRBxaqZXl6B3DKL-RaEXCOciTWkoXZI5fWt0kBgeN8oYzycweSP8BI2ZeJhmeHe9Rvb6ZACIyklFYZ_oNL8UigPBNoCGDNsVMSnIIM7YQpMxa36S31bqyIdkq8YvTYCiKboMNhEIUqhXuYDUfIKpgF2kcKIGap3IAEi1ojcG0k4pScocK6OdqhFf8pg6r7TwV4S4AddvMjEGDWYJruFuy87Ada7lUk_y380UmtkagN8GyVGVCC6xRtzwkUOBIA8PQxj6SAY1EDtCSEKJjS8SeOzoRaHT1CErhSYyrrrCTXg1OtzRRl0xRFtdp-_kJWCPTboBhBEKE_9Q9hIs-00OYV4Y5SIgqGl_iot-t947nm-Y9W9vGF7O7Tll6zB0PbXsNndZcZQBeQk-o2RY0hsIGavTJicrok-w6Ytw1s39gng3Vws17BjeiVZOk5wVlUu1-KcbfT3OLmGBtnjycvCXHluTcuobpnPP2rY3Uz5TJleM3wCyQhF3iWpn-5K524PdVcHHxbdPAuPfsJ3teT0fSBnus9tk1lWx3Rp3FILmEC8rP1jQOc_9tkinmlS8l2Pi-mg_PyTw9dunzGHj4PxnlNUm96QccdSldZqm_YKmqGIosPwXijGfPvVwHOnEg75Hb3pSjAO0_WqEKH_h1kRsr6YjjKLCJLyG8BGSw1yzD7eEda8vNvwsymTbsrDsyAJDifI1x1UCK6H_XQ9y0jlh1B9-JOnFTaZ4xdJQgnRPgwmkeLofb9DY3TtcKpsHY8IqH0UhSAfD2yhUeGkV02AbV8WLipbqOke6s_jShqEBVSeVwC6TxbqU5Ho_XIRgEkYouvHwECGkPJm4GqniciP2yDIa2LK181JNNY4P4tYHFC2MjYQu_tnRkcQjxiHsaPh96DzapKMDlH1C8rfI4yTfXkZfoQlrOQAmoIeMqegGNYu64PW0uMF3&cid=CAQSKQBpAlJWB4H_DCbf2MCwhabpCk1lkRKmi8ShKpvh3USf5_wttQHJzB9xGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ds=l&xdt=1&iif=1&cor=6308277497056462000&adk=2124396030&idt=97&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffc7ec231f902818cbc9c3b1d4cc2f43f0aab9afa99c0aca9306209720b0cb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11893
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 944C 0
54 B 254ms
253ms Ping
image/gif 2800:3f0:4004:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~llca466b&c=8500324391241&slotId=4250162195620.5&qqid=CJTX1-_U3oADFTrHKAUdazoALA&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.17t~vil.1ds&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 12EA 41 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsmhT4gZIuJGV-6qD-Byut0GoZCiPiNA3QtrPeIUBcbFr335wm23huWvAaTrFAcmmjVsSkbX3_IvYTexEPlNiCiozw-Js4-XNYCVzJShSSsgGdnhqm4-_aRVbecc7_YAR7PlojPn0G34YwTOH-_WNi0W_I0vpXni61LoNDl_BFCBGo8Rw&cry=1&dbm_d=AKAmf-DGdzcMkn3mHrbp8jAATWRsPpdEUuXvAtxm4jFPuBi63WMzYmdWXcrnPCDjnlI2DokhER_k00I-XUKDe0-_nfzxKDppdXhl3sPQkt9IeHnBtPpD_iQ1f1L8sX4KboGlIh4PEVDD4sbN-VBV5ht4VpVazoftt6KK24eHNTaDDoFaxRnrfMf7bwyWBBfs6EPLWqkbb8e6oM3Rvzr94sNT-q2E0YGLEQajdv77vedy_lg-KvzrtcvBoHoz9PF_O9dOB3q456LFIVV4LUgyxf_4HowgYTXcVAUXKiZptMzwsQFAz5J6dNhrbYrnh96BBclSPvpB2VQxxZ9hvopcWrejxlZMSMHVwG9TuTALCReRoQOC3I5WcoG8tbfG14hUq9Mt4GMzCiPdaE7kdi3bO6sJuvmu25N73lST1MWGEb4WHF4mnItilirAVscvd4yllRauvkxNLWhffAt3J1YRg-Ne99nNo31xrQ2EuWEMlJgACGuCAo-Qgs_M9e_ZhSCvm9w0BQRLNhesARNF32gbnK7c0_-YuJp_6lj6cf1ox4c8LPOETYYDaGepCMk1nH0S9eZlqMI-fPRxMeof2e7QLeysiEtLHKBmZh2dlDJDc-534qzrqdx4P5Yw9yh6EutShaKV8zQ6dByEsL2plGwKeeq871FHHCpAAdhEEypxyegDSRQt23y5tkp9kNUr5Y-kigrJSnZN29wRq0BVnkms_roGJW85AQT66ISFf8HBMkT-5jEd-j85cXovnF81_sGMS-1C28rKICPmxqhassUgBnYTabA4RQdmilI2Zfq7GwwZ3TCP3FqQuzfL7vMbbtFMiIHxJuQtPqFNjpeewV5IwUpWcFOsKvQkvlBCkNgZqpsRTxePIbcGCMw5wP_Qki3ZFNaoZ4QbVgWsdO-rutVAc4WSiyAJGDTN-P7unPjs3B5g67OlNBoFSCjbVOIXE5wcpHlyO0KPs3TsQV6HElBf5jsccR93JTSAnkc3i-RLS9egs04ThwXg6l2kJa5FHyTiLzczkFzqnFpUFm3IwAILkAemscL-oTSxAuf02Yt0weprjnv-uPkGY0AHnQcl50wlB-c47LpPbcRBHY20ZQFao8HMqPV1pf_awX9C8c4ohORZnO9PLEL8ve7ERWJLdaVt6WIfyHcv3Yre2W5MABcuKCAeSHagCt0sHAZ3x4JqsQFk7nD8gpcGjLk7y-YS-JHU04qD151uOI5sDbhbkpx_ecGMHNa3ve8UlH5D5ywAh7_pfGggDgaoNYQ-Rzc4ux0ZWMFx5Ie2R7lXGONGcDGZUIjssjJ8y6MX9HpgVUPfLwbuhdCK5DndGGY_hElZvAOMTo6b9k_ot9BZ2x_6jKBCNCBx360LvS1ly9lQt9JpfdJn9vLvdGa7u_X5iTZWa_vSsjNFzRVxAlmhLcsB3NES1HuXSkM-9aXwLZlK3tfRAadP1RUdGZWWBkmzUTfMmA09tAIUiulXCOVaDPsTr5dmYqt9XB7NzRQP56IH28DoOe3u--wasRy6Fo3OOrHMYXEaoZHaz-I-TMcB5ZmXrvmvfkU1-uh4OnoB51A04VUQysfx3auzg_KyTHgTXZnSjOk7Mh1a2UxhPGG6YwY7ZtCdLRqs_z5NiC2j6i5n1-AJeVU9FqEw3ZyzdIBXkw9o_NmEULdwXcCmxbOXq9O7LryBXfz4vegjqZSj2bC65mAIODC-3GhjkjBMfZyKeJ4fZGtyoWa4tB5e1DBjxGXzlXANx7eRGAvCXrCN2WREEHRLg1WdGkrEpydQ__H4IcS-ev6OvhYa6jrKxw9meDOmS1SvgN8apJQXuFH0UIIN_P-kEjlUM7DaeKlDK7gwAAnAIFVcvo1Kyi_sESY4keYk2HJ20utTXiUy5OPJKD8XKBSlhZIywR9cXdXupgUCjj92cEl_Tgt1_gKkviSDoLrG65N0iKWmXKrsgEHNdpsDGAdkkbLxXSwi7z3pH44NtIAzLfZZ2TR6WmbpYr1Mo19QJRLzyh8qpZHUuo6HEwgcprjGJamcr5R_xUwXDNe7BhfHMBXAtLYaE3fQTwn7R86ddMXYwTgQfRBxaqZXl6B3DKL-RaEXCOciTWkoXZI5fWt0kBgeN8oYzycweSP8BI2ZeJhmeHe9Rvb6ZACIyklFYZ_oNL8UigPBNoCGDNsVMSnIIM7YQpMxa36S31bqyIdkq8YvTYCiKboMNhEIUqhXuYDUfIKpgF2kcKIGap3IAEi1ojcG0k4pScocK6OdqhFf8pg6r7TwV4S4AddvMjEGDWYJruFuy87Ada7lUk_y380UmtkagN8GyVGVCC6xRtzwkUOBIA8PQxj6SAY1EDtCSEKJjS8SeOzoRaHT1CErhSYyrrrCTXg1OtzRRl0xRFtdp-_kJWCPTboBhBEKE_9Q9hIs-00OYV4Y5SIgqGl_iot-t947nm-Y9W9vGF7O7Tll6zB0PbXsNndZcZQBeQk-o2RY0hsIGavTJicrok-w6Ytw1s39gng3Vws17BjeiVZOk5wVlUu1-KcbfT3OLmGBtnjycvCXHluTcuobpnPP2rY3Uz5TJleM3wCyQhF3iWpn-5K524PdVcHHxbdPAuPfsJ3teT0fSBnus9tk1lWx3Rp3FILmEC8rP1jQOc_9tkinmlS8l2Pi-mg_PyTw9dunzGHj4PxnlNUm96QccdSldZqm_YKmqGIosPwXijGfPvVwHOnEg75Hb3pSjAO0_WqEKH_h1kRsr6YjjKLCJLyG8BGSw1yzD7eEda8vNvwsymTbsrDsyAJDifI1x1UCK6H_XQ9y0jlh1B9-JOnFTaZ4xdJQgnRPgwmkeLofb9DY3TtcKpsHY8IqH0UhSAfD2yhUeGkV02AbV8WLipbqOke6s_jShqEBVSeVwC6TxbqU5Ho_XIRgEkYouvHwECGkPJm4GqniciP2yDIa2LK181JNNY4P4tYHFC2MjYQu_tnRkcQjxiHsaPh96DzapKMDlH1C8rfI4yTfXkZfoQlrOQAmoIeMqegGNYu64PW0uMF3&cid=CAQSKQBpAlJWB4H_DCbf2MCwhabpCk1lkRKmi8ShKpvh3USf5_wttQHJzB9xGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ds=l&xdt=1&iif=1&cor=6308277497056462000&adk=2124396030&idt=97&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 18:14:40 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A9A5 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:02:40 GMT
expires: Wed, 14 Aug 2024 12:02:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 12EA
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1135760/69474494/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBW...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4U...

71 KB
24 KB

54ms
53ms

Script
text/javascript

64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4UE9OSA9hH4jC5CyBW2KldR98Mhazm1SGHodKVZvlPGKhg6EG-OMGSigZGy0JtDOBjfgBgSK4vuAiL_YAw315PwNLmuJQptOmYlESiRcAoCZ_4EOLGljneM17iRZP1_kBBNo4nKn4O_hZ-TQYg_WdLkmPM7kEvE_GhKluAyNKZNUElYjZJSTa11P7kyzw_uhBL79c7OCNLxg5fNAlGpSLUVhTWTBMbpb6Xki-LWQFGvE-xBGvF9yXitytBGk8kce38n6r89lbqdxwrqnK3XNRZ5jPjGQHwIMP5DXtBsyVDkri_QNOyL3yjBmBlFPfFvQJBHkbjbYJX5LDnRntl_0RLknLtVJLK3aUJiZCqMCV2CuwhgNspJucNbJU_D-k7MAxXzAQ3fHPjoRTINsiiYqy9ybE2SoyLoIEh_sRXI_QhDaryth2nRRyh45rRtHgptOoQ2nCUGryi-hvh3Yt6y6nZu92cxYKpxBIvZeu0QpajE3hwr9quGuzbH-GH8NaQnKNMppkHm7V9uwWFlOntNQW8NXw4-FGV-wP9XNpe0XqqbuEN1RwLDPz1Mc2ekNMAN7vD6FB_hYp-eHOcizaDp_YY-a0kuOgpeOQbscUyh-Atkb1Sj7Q648thQoHTKcaKDHCMUe4Fzj0xMJNjIVv1Pj__tF_QoFYblEKMT91t0R1_hwGCgPNaf8JBPJ030LnK2PZCMZQV10H9IM15haetYveNT7VUf04ayC1JUScmRaydm6I2_o_VSPs1-Ucd8IygnYwI_aV8q6rUbGKCSLuwfBzKI3eG5urJzpihU9RwVX_eVlMINejS--CTiRQyxD0ZI9DGFSw7KGBBKwr6b8OxxGL1CBJrMrsmkZK7sGEpRV1nfVRRQxPvM-a01pYvx179CT3x8duQn6Zad58ED_all-Eouxkyl79pmskWDApBRHxoL8EAOMD6_SP6308XGJsutggwiee4SXqd7Cs8afSmfX7mhvsNoFw621MxwuMdCu2icG_be1IXN6vczKgsZ5172_TsdHQJa4znosAj1teZ9BKH_oalxryU_WAOCJeBkFLbOF1WsvF4P9ujlWUCIs4xE1qIXQ5-hW0gm4cQ2qSZj8Meom8m80EHnI9mb0VT0W8yxfUySaMm5LcTCmIgzQzcUD3tC5tOJpisL_RWauLsStmY1hF6Paoq0ReNLXr0rvCLCEyl3umi6KhtgFY1AcY4TAm_NSrNNYgjUYBzzUDL7LRRe0jSN0pMFabuZtRboELCzxz1gS4WER0ljGXo6850lJGiA31yvCiUgT-85ZhC0BykmyNP2tgEdmTSYAiAZplHMl0OmfwAJF8FKA9tFPHW5jSeIYCar4ueBT7-yj-N6zXh2k_hivlde6e1SJSLj22AasURde9X_FXEUxQlr_hZyfqZrCTtRMU1vLtkBNObeguTDgwYFoAR2OrLLuUN-1nr4FpwUB7TJt686BXGY5WIdXmKwjpK7xr3YlLpc6LV-kOS4BdQ3tty6HEVPPVVYikrO17n5NHl5Kmk0W-pKjZzVpqV9d6WbBVIbhR9hOd10O_AWGcBSyu28QOxjboikHHL78rAPR9bNlq_RG1Ox2FvniUo4KncItCbBbk4JsL7ipDuR4XM9eg5zAoVFRvbuB2c1RgfKKRP4ghOWRsYOdKCjMWVp_z0KqvGv86vCQnpfPJu3_9Gx8CrMRTSlanbxZCs3AvPyEfqZmV2uawxZ2zDGkofRh_1GkcQWworuEXKJZMatS5BdXH1iEL8F-yp5sfFFF3rbWq98XadtCqtDgwW64j7MyYZ8Dtb-d46k9RtEkw7n_4FtK27h6ty2dbzusWG6FFnGrcmcg4lykeNB3r7tP8zapvh2S4jfOZTXdRoYYWUKwBjBYl8wNV3HE7YZAaCEPG29AawlQxB-ONESTWETr8CV8_n_TLQDApGQGEOl5GPqqz8SThhc4_VB-EZ8Kr4cpvzh7eF7iYzxGJzQRzLY_G1_5e0iTK0zl4SbkPVzNTz1gWQdmb5NH8DEAGnzXVfd7hzC5WuhzxjmcETkzIgFsHh3HYxxmHJIkDDMYBeVOZU3vQ3Axvn7qi-vTiZ-uGCfCLneTFRT9cMtneFXQMQX-H8cE0bKk_1K65jCgomZyzD1soBzehvv6cn_XTUPu48hrLmorfpFbOvelrFEgGa2Ai-qVreLgeqDySapMQMDoF1eDLTlqsB-2kkvo8PAcZRxJpNVV1MF07iJUcWYE0Ur-In04banjDbPf6wXLa8HsMvjHCuxPmIbg7u4LiiYkV7h4z-4DELD_GBYBPFxw_6qfGBnclMZPFIcTMdfN_o8WOa-_LJ_SLymoE_D_1ANivzHmgDdt1quwcth3quTFSW_p_bk8P3Yp6EfIqPCJz_OT9qgPfLXQjrbNhbM0lGZM00n1XyM20_-PB5ti8lBc3orXCZSgbfKfRtn2c-978rHQm2ZfNPYKGwjyLuqMCMaB5TpidMb2sJHrLaK3z2DZ_xu4o7kOctIEp8tTyF0Mb_pW6KuCfqwNH-TE8lwPfVQi3DujHSF_h91jHaUkWqNqPTS35UTDXWcnrHnlcginq41RwFkKVt9NcjtKDGFtsdLrwAAU4uFVzeRx3SH9JB15ZgYemVm62XdLJcV4vRu6_8XebrZPr70-zDDYxc7mny4cS4DWItmfYXhl3xDEYX_cEt4JDoYWFydLABGXNBuWJNcDsXEXbJFPHHzmQpFQBEWVBwUBdQSP6_uyHxDconQs0PNVqQb8qRIkgc0OXhiSWKlSoBmhvmr94mnbS-uA_QpKY-IH0KPE5PtJlbt4OCjNRa5KaJLiaUuMK7zlbWClOOeX8lMS36ukLVo6X1Nc3KXGw6D8kWPb7rHYMyJalZ_etP16HvAjCeuDWaQVwYVAFbonXDrCLV2I8qJ5A3e87tN7eRO3vPWsn2Pezn2hew_6GrVDwNpHe703AvbQTr7i5PWFdrz7Gr8nQLT8dIPS3raILZotQRNlF0kdOK1mDv5qB-4QRSSXF-UhwwfXa-KnZiUbwVW3Bng9WJUTao5gyUIdlcMEi7ukncbXG4Sq7KZkbU38NS2wYvHrbjem3wT_xra91P37rGPFrEx9ior-ahEEPsxpGOh0uh0jGjHv-lxZ_9EvTqWhOJ3EAuSt-xXApqpO5Cg635gQe7WAqILSRX5fih1PVXGqE1FvrWeGoYpBee9iAr1tdEcyHZ1FPmUYicu6JkskjtlHxbTYgWo6zUI9lohF6R3kxEeEyNBDDcZz6GZAfQbvLVahH3vNuQBVx5vL5ExmiVllpUbbDwRaWa1u3l7SSNqnqnQ4jRGEQ9TIpsmPO7SZj0U2xf-yGdhDNh7m3xXk6bmWv90xu8YILvNSjq5DUJDxf1cwUpDEgGjom0EB-FPzMz06FXg7kGNET_OpDdws5MuX3cKsa0zrWue-5XIE1SV-lPKbQCEC-GcvIBGqEea-gw6KV1Eej5bgmZ1w1vcKU9Dt0PwcK4__CNT7ercu8xpRTXLYlssz3qZSp4b8l07rqmOTDyMnNI-Kd1-e7W7K8dw94MxZj0CaEDVD1x7C0jtZS_vTG81F6nuTdn64SoS1sLi2b_wGGCr69uD4w9ZFo48kWYCVZvHJmI4vbPUMHQCyDktOuutN7DdrrpHYOTTcJbg_M0wTLZNcaWpZg6jV2Q3cCeZKFJPdYSUxqU9AUIbwS6XM2-sdSFJb1zy8WNgVl-s5fejJdZhR_kBKY-unjcFVKhr3S_NLnKncB6RNNJDf7vXCN3QEwPG-a5AaJ1OobQqWvMJyzyvPronLx0-bcZR16-guUV1ffO3t0XU222yavsRJFds5_6JgsGqQ1VGbQvjKLuYoalVXcURMEFp6z6i1G-gTMr2UwylNolKjzs__1u-GORYlbIKn_JEHvlNBcwECo-rbFt5eOMGidBnOiSHEbS440j-QwcAMhi4012vLJqptULFbErfS996MPw9RfPhTfn7rB40oVqyG9cFDLYTBqiCTmSrKrkvdwObxmrHX6gt1PSMvGxPhyEkCYI8HQ_W5QGi8IBBIpAGkCUlYHgf8MJt_YwLCFpukKTWWREqaLxKEqm-HdRJ_n_C21AcnMH3EYAWAB&bundleId=

Requested by

Protocol

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e958fd55794b5a52a514dd4b7465aa2d623b5cc26c70df30a715a2cf6506d6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24912
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:40 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4UE9OSA9hH4jC5CyBW2KldR98Mhazm1SGHodKVZvlPGKhg6EG-OMGSigZGy0JtDOBjfgBgSK4vuAiL_YAw315PwNLmuJQptOmYlESiRcAoCZ_4EOLGljneM17iRZP1_kBBNo4nKn4O_hZ-TQYg_WdLkmPM7kEvE_GhKluAyNKZNUElYjZJSTa11P7kyzw_uhBL79c7OCNLxg5fNAlGpSLUVhTWTBMbpb6Xki-LWQFGvE-xBGvF9yXitytBGk8kce38n6r89lbqdxwrqnK3XNRZ5jPjGQHwIMP5DXtBsyVDkri_QNOyL3yjBmBlFPfFvQJBHkbjbYJX5LDnRntl_0RLknLtVJLK3aUJiZCqMCV2CuwhgNspJucNbJU_D-k7MAxXzAQ3fHPjoRTINsiiYqy9ybE2SoyLoIEh_sRXI_QhDaryth2nRRyh45rRtHgptOoQ2nCUGryi-hvh3Yt6y6nZu92cxYKpxBIvZeu0QpajE3hwr9quGuzbH-GH8NaQnKNMppkHm7V9uwWFlOntNQW8NXw4-FGV-wP9XNpe0XqqbuEN1RwLDPz1Mc2ekNMAN7vD6FB_hYp-eHOcizaDp_YY-a0kuOgpeOQbscUyh-Atkb1Sj7Q648thQoHTKcaKDHCMUe4Fzj0xMJNjIVv1Pj__tF_QoFYblEKMT91t0R1_hwGCgPNaf8JBPJ030LnK2PZCMZQV10H9IM15haetYveNT7VUf04ayC1JUScmRaydm6I2_o_VSPs1-Ucd8IygnYwI_aV8q6rUbGKCSLuwfBzKI3eG5urJzpihU9RwVX_eVlMINejS--CTiRQyxD0ZI9DGFSw7KGBBKwr6b8OxxGL1CBJrMrsmkZK7sGEpRV1nfVRRQxPvM-a01pYvx179CT3x8duQn6Zad58ED_all-Eouxkyl79pmskWDApBRHxoL8EAOMD6_SP6308XGJsutggwiee4SXqd7Cs8afSmfX7mhvsNoFw621MxwuMdCu2icG_be1IXN6vczKgsZ5172_TsdHQJa4znosAj1teZ9BKH_oalxryU_WAOCJeBkFLbOF1WsvF4P9ujlWUCIs4xE1qIXQ5-hW0gm4cQ2qSZj8Meom8m80EHnI9mb0VT0W8yxfUySaMm5LcTCmIgzQzcUD3tC5tOJpisL_RWauLsStmY1hF6Paoq0ReNLXr0rvCLCEyl3umi6KhtgFY1AcY4TAm_NSrNNYgjUYBzzUDL7LRRe0jSN0pMFabuZtRboELCzxz1gS4WER0ljGXo6850lJGiA31yvCiUgT-85ZhC0BykmyNP2tgEdmTSYAiAZplHMl0OmfwAJF8FKA9tFPHW5jSeIYCar4ueBT7-yj-N6zXh2k_hivlde6e1SJSLj22AasURde9X_FXEUxQlr_hZyfqZrCTtRMU1vLtkBNObeguTDgwYFoAR2OrLLuUN-1nr4FpwUB7TJt686BXGY5WIdXmKwjpK7xr3YlLpc6LV-kOS4BdQ3tty6HEVPPVVYikrO17n5NHl5Kmk0W-pKjZzVpqV9d6WbBVIbhR9hOd10O_AWGcBSyu28QOxjboikHHL78rAPR9bNlq_RG1Ox2FvniUo4KncItCbBbk4JsL7ipDuR4XM9eg5zAoVFRvbuB2c1RgfKKRP4ghOWRsYOdKCjMWVp_z0KqvGv86vCQnpfPJu3_9Gx8CrMRTSlanbxZCs3AvPyEfqZmV2uawxZ2zDGkofRh_1GkcQWworuEXKJZMatS5BdXH1iEL8F-yp5sfFFF3rbWq98XadtCqtDgwW64j7MyYZ8Dtb-d46k9RtEkw7n_4FtK27h6ty2dbzusWG6FFnGrcmcg4lykeNB3r7tP8zapvh2S4jfOZTXdRoYYWUKwBjBYl8wNV3HE7YZAaCEPG29AawlQxB-ONESTWETr8CV8_n_TLQDApGQGEOl5GPqqz8SThhc4_VB-EZ8Kr4cpvzh7eF7iYzxGJzQRzLY_G1_5e0iTK0zl4SbkPVzNTz1gWQdmb5NH8DEAGnzXVfd7hzC5WuhzxjmcETkzIgFsHh3HYxxmHJIkDDMYBeVOZU3vQ3Axvn7qi-vTiZ-uGCfCLneTFRT9cMtneFXQMQX-H8cE0bKk_1K65jCgomZyzD1soBzehvv6cn_XTUPu48hrLmorfpFbOvelrFEgGa2Ai-qVreLgeqDySapMQMDoF1eDLTlqsB-2kkvo8PAcZRxJpNVV1MF07iJUcWYE0Ur-In04banjDbPf6wXLa8HsMvjHCuxPmIbg7u4LiiYkV7h4z-4DELD_GBYBPFxw_6qfGBnclMZPFIcTMdfN_o8WOa-_LJ_SLymoE_D_1ANivzHmgDdt1quwcth3quTFSW_p_bk8P3Yp6EfIqPCJz_OT9qgPfLXQjrbNhbM0lGZM00n1XyM20_-PB5ti8lBc3orXCZSgbfKfRtn2c-978rHQm2ZfNPYKGwjyLuqMCMaB5TpidMb2sJHrLaK3z2DZ_xu4o7kOctIEp8tTyF0Mb_pW6KuCfqwNH-TE8lwPfVQi3DujHSF_h91jHaUkWqNqPTS35UTDXWcnrHnlcginq41RwFkKVt9NcjtKDGFtsdLrwAAU4uFVzeRx3SH9JB15ZgYemVm62XdLJcV4vRu6_8XebrZPr70-zDDYxc7mny4cS4DWItmfYXhl3xDEYX_cEt4JDoYWFydLABGXNBuWJNcDsXEXbJFPHHzmQpFQBEWVBwUBdQSP6_uyHxDconQs0PNVqQb8qRIkgc0OXhiSWKlSoBmhvmr94mnbS-uA_QpKY-IH0KPE5PtJlbt4OCjNRa5KaJLiaUuMK7zlbWClOOeX8lMS36ukLVo6X1Nc3KXGw6D8kWPb7rHYMyJalZ_etP16HvAjCeuDWaQVwYVAFbonXDrCLV2I8qJ5A3e87tN7eRO3vPWsn2Pezn2hew_6GrVDwNpHe703AvbQTr7i5PWFdrz7Gr8nQLT8dIPS3raILZotQRNlF0kdOK1mDv5qB-4QRSSXF-UhwwfXa-KnZiUbwVW3Bng9WJUTao5gyUIdlcMEi7ukncbXG4Sq7KZkbU38NS2wYvHrbjem3wT_xra91P37rGPFrEx9ior-ahEEPsxpGOh0uh0jGjHv-lxZ_9EvTqWhOJ3EAuSt-xXApqpO5Cg635gQe7WAqILSRX5fih1PVXGqE1FvrWeGoYpBee9iAr1tdEcyHZ1FPmUYicu6JkskjtlHxbTYgWo6zUI9lohF6R3kxEeEyNBDDcZz6GZAfQbvLVahH3vNuQBVx5vL5ExmiVllpUbbDwRaWa1u3l7SSNqnqnQ4jRGEQ9TIpsmPO7SZj0U2xf-yGdhDNh7m3xXk6bmWv90xu8YILvNSjq5DUJDxf1cwUpDEgGjom0EB-FPzMz06FXg7kGNET_OpDdws5MuX3cKsa0zrWue-5XIE1SV-lPKbQCEC-GcvIBGqEea-gw6KV1Eej5bgmZ1w1vcKU9Dt0PwcK4__CNT7ercu8xpRTXLYlssz3qZSp4b8l07rqmOTDyMnNI-Kd1-e7W7K8dw94MxZj0CaEDVD1x7C0jtZS_vTG81F6nuTdn64SoS1sLi2b_wGGCr69uD4w9ZFo48kWYCVZvHJmI4vbPUMHQCyDktOuutN7DdrrpHYOTTcJbg_M0wTLZNcaWpZg6jV2Q3cCeZKFJPdYSUxqU9AUIbwS6XM2-sdSFJb1zy8WNgVl-s5fejJdZhR_kBKY-unjcFVKhr3S_NLnKncB6RNNJDf7vXCN3QEwPG-a5AaJ1OobQqWvMJyzyvPronLx0-bcZR16-guUV1ffO3t0XU222yavsRJFds5_6JgsGqQ1VGbQvjKLuYoalVXcURMEFp6z6i1G-gTMr2UwylNolKjzs__1u-GORYlbIKn_JEHvlNBcwECo-rbFt5eOMGidBnOiSHEbS440j-QwcAMhi4012vLJqptULFbErfS996MPw9RfPhTfn7rB40oVqyG9cFDLYTBqiCTmSrKrkvdwObxmrHX6gt1PSMvGxPhyEkCYI8HQ_W5QGi8IBBIpAGkCUlYHgf8MJt_YwLCFpukKTWWREqaLxKEqm-HdRJ_n_C21AcnMH3EYAWAB&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8B2E 91 KB
92 KB 65ms
14ms Script
application/javascript 2600:9000:26da:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1525451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: AaRBp4ux3P1uLvVYfVLaqjN0Ba-6qkB7dqOkZWtzakah1KeDGD5zJg==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 104D 42 B
63 B 106ms
105ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJYEmNjCA0VIwC6DsBH9jN0i7gu7TGeQ9WbNdeRMCuCY_IGAd1nzmp-97HfNMD3SPCs0f6Qvg6bTKIRZJeY_7w4QNtx3YI5lvYOuX-m11bsQdZU04

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 104D 0
20 B 105ms
105ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15025164491024752888&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 104D 86 KB
29 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1135760/65089096/xbbe/creative/ Frame 104D 258 KB
79 KB 37ms
35ms Script
application/javascript 52.213.146.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWebmdf9tiOkZaKFF5CpeasCDKcNtQNt60fjHNvOWZ0AiQw0Wu_xjyyTKz75Kb--oJnSZ1jdGZCZvH6sJRZtBaK9e6yk9Gnzt9LZQS-RYAoCZ_4KwNpNbRZfZHZZr0oNA6BvNzeAzQbNcBJnebCD04XJt9DCMWDqwZu7146cyRgdDiC3Q72ZcGrMDJu1IJg7H_0T59L1izSPQ89o1BeaTnid_7mjkEryu9476nbBpJBcEIkeGKxt9Recd2ptNZdchvle8_lnBkFjHzCQd3uvSuecaxLHgRkLpgBAYH9hZRpComhrBEvzq2V1Yv9bc0dXtaCnk932kLxR6FEJd3hbW1A8MQwez1ddKdZcGN2P03aMQY9vtz-TIwjWuyHzHoZu36TvtRRyskOgBUPfMTRkWiMVN8kFt_ZPKUO6atN8zokoJtZ6yFbWUfTKkpSMXAn9AbXJ1Z9Ge13XwCYmDVkWGZjK3mqlvsLMfq_y5Gof74BjCqGdWqdvm4dcUD6iCeICp8ieX1kYp0vLv9rPvmO4vFgYhUYwwXXsipgtNOga7XBMX-_QrrrqHfPN2ihBLg--x64qRm999dfZdGQO6ICB0fGOeNELZia4LbB-gmC_mAPuPBC0blzJL2WPGBD8ye2VVM1YHfA3m-oWM083gMWm5HxhV4qMWZzB5_Qydhp9mhm6IBOaidwNOluv7r9-qb2-KOW5nUfZ75aHjqgPrGex-5x4O3pub8AaTJnI_LPMp1NCwgLnJo0nZhur2dvpIYcJqUqAGlbf__HqbmHoZmlWlP9s0qvrEXP53dFX9gFsGpm0T_WrYaVfdlfrHGHtupRIZP5f-0odmP_iCd13xOdIpehT5CXK-tg9SogPc3gChiRXbm-H8jV1fknVG1MPAPELQDJ13fmxe_Npqv3fXNbeUHY7JFC1KGHaEitCMPriBohe5YjoMiINpnOqVsTRbd9wIa8HoxEuTcLw26Kb7g9aozuDfkfvNNf7wG64JWcyWS6TiEMWyDkZTvxx9tj03f6L75jmDBcyVhbUUBKKbIowcfu0YvhyApmzhXmbZL2rdn96QfYN_Fmsg4lbHrr4Rxawu00uajElUROOtvMu5bte85wEdQcmSRF7wzaoXK2-s3Oe6CYROMc9zYUwTa5XgLADmAfvBL62PWWAvGifEdNYWjwm4jMeDNfvWSSQ_rjjNaZk37dDy_Qagw4KQE0i8LXp4oP-UROTo2OpcvJzJH23hIhMR7Ir5I8kCiK4abSCfO0YF5d6uPGnmC--7vYGTUEDz7ULPVzge2EsIfjGg636QIqE5CogsT8-g2_jbzn6h3dMWzjo2yIQnV_mPQGKwGsh1oDWAy-8ySbP30oaTyezdkuKJlawblzSCLCpUYmMGhjibz6sWwLDYWyKWAv8c3AQB12K5ore-B5C8qK7uy-k5J9WW19A947U9n3jNC3jpE3AsiGHBThUGgY68boU71n6jcQ5dfPnCnSRx6wlbW2Ch91WQBUSUvaOxJyAJoLzwrinmkjEKWMFrJL2KUaNwTb_OX8SC0vK9Y5DwYVFXnxn01XBTu9-ba6eYfD37xniEiFgVcEsGGvBo_-r0SAoVrxQ162JpRTFROVIFelWA61ihnhICbsHcktlx_mLfb_O5lnmjCDyYgI1MrBMJf_c82SO2V85_Y491w9msNw7Alof4kr_lxLeXvTt8ZoWFfdsY5z70ZW2_t9hFKKMrAcH-gYZggDHQiHPJyl6WVYJQiqc8bo-RTqqek3G6mKuZw2XFC7B9b7lE-2ZDbso9f5UcBmiPmUJkZpRdKVCwJzDjy0OZ4Tfm5ab7c8_P7N27kALbhL4QiQpaCJxnscBUMfbSiiC-C9VDRchyUidpphFZDX6L-jJscZGmgb52cYcz04dFyw4BLsNkT9bxj70jH2ZLeE7XdfYN49GeYPkuYZ6IYvTZX2JPL8FTrG4WteXXNJzSd3t44jot3F6FK_amZ8QRNgXeuEyyHwrGKaG4nA2x5Y4QdCOYjtAQ9qmsFNAAkgCMxo-2j1WDeQqfDeQzmKdjiRsf6PR2u1b2PrDcJOLLk-PfiE9vyP7We59RHKDGgiNlheuFbyUUSowV-JS48cisMoh8w_dIKjesNjfYjhTw_Ew-QpnJkPgiKBgziSywGSmI08AjChT4F002L2ShKmnCSWySZwAq4dwbr1P6qlCYsgDZ0mlXGuvpzc5Wuwm7BBpsYlicbWro8S2AWvquMURrmckgyzv5G2O0nddfQ4KXjPSWT49kwgK5HDkVnpANRfESfjeFibS-rp0PA3A5tXWD8a9m3S5AliGoW3leGD1Oo4kNAfv5FacAwVgogczdRdsAybupx6SLTBCYQ9rK1KUmxfg8Af8KHFDrgxYzBXiKK0pyj0VtPekKb5ZJ0jMHVLBO-gfnAydNqgygz9GtLlyioCnucgIHHQDi2mZXXrTeOAWPye3BJaTV8dyGUgttwY3U_mYkvqlFY4h5h3pU9hSHBxrEVIlUB4OGDPVcFWb5YMuw8Yg22Y-f3npH-tb0eHUO2gYi9vprB9laxNvYMBEYmrkPQzjLUN0nU5Enve3Rgrla-TT357djR2n2XwYP4YPRaVOL1TeiY5Zv5rB2Jl6dIFJsOottetRB6m8oy6tOf0r0dz_GKZYhtNteZbdDipxpp6Vap6E7fB7iQtKRQ2WOSd_9-qPeY4K9_Ypn-NCPpO_mP6P6no-SG3nffmh2uJHphV7AKuXbniP1zrNFYpyeG5vx8JyoZ3Ioxn-y2kCwkFBdaPWEWMvR5Wx5zVqZgadz6Sys_LcFIOrcTuZXIxvjDGU1fSLy6GbzlEFn0COzWzFPZG8JEi82ip28kQulSu90_LGY3-Q3jk-dNy872SHepUATZqfBWaxU1lFAxbQ0PQw1B3DlHyE3yZUMr_aU48Y8-vWsE9HkvjBm354i149cNdMmDG7Wb-nHZTsd3uU_Lw3zPx-vOnf0g1j5Y8Il6VJPW1rrKUB0EA1g_gUAo5FdnZ8sP6Fusdd6pl-f0iMmMzRPdkHAh0VELty9qtIruJ7qCacRvhnFmIDMRohgel2Pgt765GN19VkbG3uQzbBcnMF-deyBx33zyBmFVXr5Yvyxnh2-XJfVi1YIpKSJ-frI9wxRM8mqcpfcCX2pva8yV6hnJOdOuQiDwBAJ70cM699ttAKyb7SW75misEN7rWGW43AFgLilPwPrG3NORHIJxbAYD6o21Q1JFm3lMDsVeFjSwJ1KmPTO_f6djnWwFm5Adg42RYPnMsjMxwC6czJ0eVnRtknjBBFoX4nRfU6D3BfJhaIQoH4fAhBsheLzT1rNhvNgQU7PuHqIHcvV3BiWTJ5GbpUPnAFoKMnwV1LpSSbdap_7s290B8BWmS5-RAxAd0Fzn8FnYi7YErv7uTwR3BhBPdstCu3a2u91yJOwAohWdLdD48lanJm6yzXp0USCWjDkJE9EvRtIlt5DKgT81uA-NNmj79Eq6X9yzg5wWa-cts6IpzDPYRHNpSh6SF6VaF4K_3SvKeFw0VWbbmKICMpmkYK8W5klQpqzkZJrYRaTs2DPHf5ikz_4MLjfkNDqidPZl0iJzPGrGBNbvJ-osj2MeIpV8bYcvJk80EWbIwd_5oFhR-RZvXTFHKrh8vPs0XMZ8W7irIcnlM5s0Oey6e2K_Y8GzLOdom51DFWC2f2MwfaGd44t4Rdw3qPuw89Y5k4WRQyb9egP3OP54v6LFpQHrhsbjNY0zf6l1FDgMCxkNPAiusoAZRu7iCmHmyFxzhbbuh9_9ffHeqMiLJ-LCjRD7Ck0DTReI4cqNx9EwSlrBUDt_W6LGIAenOGUfbZHAZV-k4n-Bc9vDqbo-0RgxRgGO5c_LlM1SU1ubylnE-W7hKv6UNSNNqQcir6eb9oGAm2O0qOrZ2OtNXmLceETPYQu_v6lgl8mYLcqlvnFZB9i2GiNfTZsaNFxdAkJWKYf6KEAe5fUufVzvlHgGKPljHdbRxY3iORPi1d_qqU79I8soaIo0H7gtFLwaLwgEEikAaQJSVoKshJk2LKxn5E_aR-YxKzWodMA6h3opo8EvgL008mQsItKGUhgBYAE&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=20163094551&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jhuH0CmQL9KleePtliPKfu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.146.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-146-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5b2c292950e27823a3ecfda204fc0d798547d3861b2cfb7eaf50d2d641f374ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 104D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 10:50:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 104D 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 104D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSMBvPub1Ev4wQLBenhuQyfkStb9Lad2VBF4kt5WDmkW_wyAWded5qpCB5Rnn97Qou-mVO4Z74yS80nACvYSYYknj_Tw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 104D 180 KB
56 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 12EA 43 B
216 B 297ms
95ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=99823bb9-7c04-019f-1262-a025d8444f59&tv=%7Bc:lmK7yR,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tN0lu0l+11%7C12%7C131*.1135760-69474494%7C1311%7C1312%7C14%7C1511%7C1512%7C1513,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 12EA 43 B
215 B 296ms
97ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=99823bb9-7c04-019f-1262-a025d8444f59&tv=%7Bc:lmK7yS,pingTime:-6,time:89,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tN0lu0l+11%7C12%7C131*.1135760-69474494%7C1311%7C1312%7C14%7C1511%7C1512%7C1513,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&tpiLookup=ao:www.oferlo.com.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 931C 624 B
242 B 51ms
50ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNW5q5Lxl8vK0tmsVNWOxMW-ETYDOeFqHpR0pSrsJQayohHRwLH9zJKjnIIncXnBM5eqPR9l_h5_aXArgXKRh4tlWD3oMhnYKlfobKLw2qXEuqqxQ6sOi9pZOnBv4Z1pJpF5p_oPf-mdh-HbOLkrGLswAfifssfADtsgjYtDdx1wuzXy8CY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:27:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 12EA 43 B
215 B 288ms
96ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=99823bb9-7c04-019f-1262-a025d8444f59&tv=%7Bc:lmK7z1,pingTime:-2,time:98,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:210,beZ:211,mfA:214,cmA:216,inA:216,inZ:220,prA:220,prZ:229,si:234,poA:235,poZ:278,cmZ:278,mfZ:278,loA:298,loZ:301,ltA:308,ltZ:308%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:98,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tN0lu0l+11%7C12%7C131*.1135760-69474494%7C1311%7C1312%7C14%7C1511%7C1512%7C1513,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:25,sinceFw:72,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame A9A5 38 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 06:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 06:32:39 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 931C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNW5q5Lxl8vK0tmsVNWOxMW-ETYDOeFqHpR0pSrsJQayohHRwLH9zJKjnIIncXnBM5eqPR9l_h5_aXArgXKRh4tlWD3oMhnYKlfobKLw2qXEuqqxQ6sOi9pZOnBv4Z1pJpF5p_oPf-mdh-HbOLkrGLswAfifssfADtsgjYtDdx1wuzXy8CY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 12:27:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 931C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtvPMUz3mWLpG-fdJL3AgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNW5q5Lxl8vK0tmsVNWOxMW-ETYDOeFqHpR0pSrsJQayohHRwLH9zJKjnIIncXnBM5eqPR9l_h5_aXArgXKRh4tlWD3oMhnYKlfobKLw2qXEuqqxQ6sOi9pZOnBv4Z1pJpF5p_oPf-mdh-HbOLkrGLswAfifssfADtsgjYtDdx1wuzXy8CY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 12:27:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCDEhHTdk6T2JQ7P872_24&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 931C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnn_Y7L1w0B6RnBtSdxx7A&google_cver=1

43 B
846 B

13ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMnn_Y7L1w0B6RnBtSdxx7A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjDsaDRATAB&v=APEucNW5q5Lxl8vK0tmsVNWOxMW-ETYDOeFqHpR0pSrsJQayohHRwLH9zJKjnIIncXnBM5eqPR9l_h5_aXArgXKRh4tlWD3oMhnYKlfobKLw2qXEuqqxQ6sOi9pZOnBv4Z1pJpF5p_oPf-mdh-HbOLkrGLswAfifssfADtsgjYtDdx1wuzXy8CY

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
an-x-request-uuid: 822a411c-aed7-4169-a613-0f814d6b186a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMnn_Y7L1w0B6RnBtSdxx7A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 931C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D

170 B
188 B

28ms
28ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
an-x-request-uuid: 5df11249-6160-47e2-a5c9-0e7a561433f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAwNDc2NjUyNjc1MTg4MTIzOQ%3D%3D
x-proxy-origin: 138.199.38.134; 138.199.38.134; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 12EA 111 KB
39 KB 55ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 12EA 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474494/xbbe/creative/adj?p=APEucNWPDC64KzD6tM808fE_JTn8nYQSdSE9VxsH7aDvTcBVes--H9g&d=CokBAKAmf-Doc0u5cUczNk72J2F7DYXlwg81JEp_6A3meha7AyOj5nDpBS3tzBWKlOyq62apaNEixvf9tDCqnYo4UE9OSA9hH4jC5CyBW2KldR98Mhazm1SGHodKVZvlPGKhg6EG-OMGSigZGy0JtDOBjfgBgSK4vuAiL_YAw315PwNLmuJQptOmYlESiRcAoCZ_4EOLGljneM17iRZP1_kBBNo4nKn4O_hZ-TQYg_WdLkmPM7kEvE_GhKluAyNKZNUElYjZJSTa11P7kyzw_uhBL79c7OCNLxg5fNAlGpSLUVhTWTBMbpb6Xki-LWQFGvE-xBGvF9yXitytBGk8kce38n6r89lbqdxwrqnK3XNRZ5jPjGQHwIMP5DXtBsyVDkri_QNOyL3yjBmBlFPfFvQJBHkbjbYJX5LDnRntl_0RLknLtVJLK3aUJiZCqMCV2CuwhgNspJucNbJU_D-k7MAxXzAQ3fHPjoRTINsiiYqy9ybE2SoyLoIEh_sRXI_QhDaryth2nRRyh45rRtHgptOoQ2nCUGryi-hvh3Yt6y6nZu92cxYKpxBIvZeu0QpajE3hwr9quGuzbH-GH8NaQnKNMppkHm7V9uwWFlOntNQW8NXw4-FGV-wP9XNpe0XqqbuEN1RwLDPz1Mc2ekNMAN7vD6FB_hYp-eHOcizaDp_YY-a0kuOgpeOQbscUyh-Atkb1Sj7Q648thQoHTKcaKDHCMUe4Fzj0xMJNjIVv1Pj__tF_QoFYblEKMT91t0R1_hwGCgPNaf8JBPJ030LnK2PZCMZQV10H9IM15haetYveNT7VUf04ayC1JUScmRaydm6I2_o_VSPs1-Ucd8IygnYwI_aV8q6rUbGKCSLuwfBzKI3eG5urJzpihU9RwVX_eVlMINejS--CTiRQyxD0ZI9DGFSw7KGBBKwr6b8OxxGL1CBJrMrsmkZK7sGEpRV1nfVRRQxPvM-a01pYvx179CT3x8duQn6Zad58ED_all-Eouxkyl79pmskWDApBRHxoL8EAOMD6_SP6308XGJsutggwiee4SXqd7Cs8afSmfX7mhvsNoFw621MxwuMdCu2icG_be1IXN6vczKgsZ5172_TsdHQJa4znosAj1teZ9BKH_oalxryU_WAOCJeBkFLbOF1WsvF4P9ujlWUCIs4xE1qIXQ5-hW0gm4cQ2qSZj8Meom8m80EHnI9mb0VT0W8yxfUySaMm5LcTCmIgzQzcUD3tC5tOJpisL_RWauLsStmY1hF6Paoq0ReNLXr0rvCLCEyl3umi6KhtgFY1AcY4TAm_NSrNNYgjUYBzzUDL7LRRe0jSN0pMFabuZtRboELCzxz1gS4WER0ljGXo6850lJGiA31yvCiUgT-85ZhC0BykmyNP2tgEdmTSYAiAZplHMl0OmfwAJF8FKA9tFPHW5jSeIYCar4ueBT7-yj-N6zXh2k_hivlde6e1SJSLj22AasURde9X_FXEUxQlr_hZyfqZrCTtRMU1vLtkBNObeguTDgwYFoAR2OrLLuUN-1nr4FpwUB7TJt686BXGY5WIdXmKwjpK7xr3YlLpc6LV-kOS4BdQ3tty6HEVPPVVYikrO17n5NHl5Kmk0W-pKjZzVpqV9d6WbBVIbhR9hOd10O_AWGcBSyu28QOxjboikHHL78rAPR9bNlq_RG1Ox2FvniUo4KncItCbBbk4JsL7ipDuR4XM9eg5zAoVFRvbuB2c1RgfKKRP4ghOWRsYOdKCjMWVp_z0KqvGv86vCQnpfPJu3_9Gx8CrMRTSlanbxZCs3AvPyEfqZmV2uawxZ2zDGkofRh_1GkcQWworuEXKJZMatS5BdXH1iEL8F-yp5sfFFF3rbWq98XadtCqtDgwW64j7MyYZ8Dtb-d46k9RtEkw7n_4FtK27h6ty2dbzusWG6FFnGrcmcg4lykeNB3r7tP8zapvh2S4jfOZTXdRoYYWUKwBjBYl8wNV3HE7YZAaCEPG29AawlQxB-ONESTWETr8CV8_n_TLQDApGQGEOl5GPqqz8SThhc4_VB-EZ8Kr4cpvzh7eF7iYzxGJzQRzLY_G1_5e0iTK0zl4SbkPVzNTz1gWQdmb5NH8DEAGnzXVfd7hzC5WuhzxjmcETkzIgFsHh3HYxxmHJIkDDMYBeVOZU3vQ3Axvn7qi-vTiZ-uGCfCLneTFRT9cMtneFXQMQX-H8cE0bKk_1K65jCgomZyzD1soBzehvv6cn_XTUPu48hrLmorfpFbOvelrFEgGa2Ai-qVreLgeqDySapMQMDoF1eDLTlqsB-2kkvo8PAcZRxJpNVV1MF07iJUcWYE0Ur-In04banjDbPf6wXLa8HsMvjHCuxPmIbg7u4LiiYkV7h4z-4DELD_GBYBPFxw_6qfGBnclMZPFIcTMdfN_o8WOa-_LJ_SLymoE_D_1ANivzHmgDdt1quwcth3quTFSW_p_bk8P3Yp6EfIqPCJz_OT9qgPfLXQjrbNhbM0lGZM00n1XyM20_-PB5ti8lBc3orXCZSgbfKfRtn2c-978rHQm2ZfNPYKGwjyLuqMCMaB5TpidMb2sJHrLaK3z2DZ_xu4o7kOctIEp8tTyF0Mb_pW6KuCfqwNH-TE8lwPfVQi3DujHSF_h91jHaUkWqNqPTS35UTDXWcnrHnlcginq41RwFkKVt9NcjtKDGFtsdLrwAAU4uFVzeRx3SH9JB15ZgYemVm62XdLJcV4vRu6_8XebrZPr70-zDDYxc7mny4cS4DWItmfYXhl3xDEYX_cEt4JDoYWFydLABGXNBuWJNcDsXEXbJFPHHzmQpFQBEWVBwUBdQSP6_uyHxDconQs0PNVqQb8qRIkgc0OXhiSWKlSoBmhvmr94mnbS-uA_QpKY-IH0KPE5PtJlbt4OCjNRa5KaJLiaUuMK7zlbWClOOeX8lMS36ukLVo6X1Nc3KXGw6D8kWPb7rHYMyJalZ_etP16HvAjCeuDWaQVwYVAFbonXDrCLV2I8qJ5A3e87tN7eRO3vPWsn2Pezn2hew_6GrVDwNpHe703AvbQTr7i5PWFdrz7Gr8nQLT8dIPS3raILZotQRNlF0kdOK1mDv5qB-4QRSSXF-UhwwfXa-KnZiUbwVW3Bng9WJUTao5gyUIdlcMEi7ukncbXG4Sq7KZkbU38NS2wYvHrbjem3wT_xra91P37rGPFrEx9ior-ahEEPsxpGOh0uh0jGjHv-lxZ_9EvTqWhOJ3EAuSt-xXApqpO5Cg635gQe7WAqILSRX5fih1PVXGqE1FvrWeGoYpBee9iAr1tdEcyHZ1FPmUYicu6JkskjtlHxbTYgWo6zUI9lohF6R3kxEeEyNBDDcZz6GZAfQbvLVahH3vNuQBVx5vL5ExmiVllpUbbDwRaWa1u3l7SSNqnqnQ4jRGEQ9TIpsmPO7SZj0U2xf-yGdhDNh7m3xXk6bmWv90xu8YILvNSjq5DUJDxf1cwUpDEgGjom0EB-FPzMz06FXg7kGNET_OpDdws5MuX3cKsa0zrWue-5XIE1SV-lPKbQCEC-GcvIBGqEea-gw6KV1Eej5bgmZ1w1vcKU9Dt0PwcK4__CNT7ercu8xpRTXLYlssz3qZSp4b8l07rqmOTDyMnNI-Kd1-e7W7K8dw94MxZj0CaEDVD1x7C0jtZS_vTG81F6nuTdn64SoS1sLi2b_wGGCr69uD4w9ZFo48kWYCVZvHJmI4vbPUMHQCyDktOuutN7DdrrpHYOTTcJbg_M0wTLZNcaWpZg6jV2Q3cCeZKFJPdYSUxqU9AUIbwS6XM2-sdSFJb1zy8WNgVl-s5fejJdZhR_kBKY-unjcFVKhr3S_NLnKncB6RNNJDf7vXCN3QEwPG-a5AaJ1OobQqWvMJyzyvPronLx0-bcZR16-guUV1ffO3t0XU222yavsRJFds5_6JgsGqQ1VGbQvjKLuYoalVXcURMEFp6z6i1G-gTMr2UwylNolKjzs__1u-GORYlbIKn_JEHvlNBcwECo-rbFt5eOMGidBnOiSHEbS440j-QwcAMhi4012vLJqptULFbErfS996MPw9RfPhTfn7rB40oVqyG9cFDLYTBqiCTmSrKrkvdwObxmrHX6gt1PSMvGxPhyEkCYI8HQ_W5QGi8IBBIpAGkCUlYHgf8MJt_YwLCFpukKTWWREqaLxKEqm-HdRJ_n_C21AcnMH3EYAWAB&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=20253320828&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h7NYaFMOVehTFQ1YWRGiD1&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1447540957213601%26output%3Dhtml%26h%3D600%26slotname%3D1893062441%26adk%3D3122728471%26adf%3D3220986866%26pi%3Dt.ma~as.1893062441%26w%3D170%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1692095258%26rafmt%3D1%26format%3D170x600%26url%3Dhttps%253A%252F%252Fwww.oferlo.com.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1692102458205%26bpp%3D7%26bdt%3D171%26idt%3D242%26shv%3Dr20230810%26mjsv%3Dm202308090102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2708358061136%26frm%3D20%26pv%3D1%26ga_vid%3D902450206.1692102458%26ga_sid%3D1692102458%26ga_hid%3D1258383018%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D55%26ady%3D167%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077018%252C44799955%26oid%3D2%26pvsid%3D4424351942008326%26tmod%3D559232684%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D3GRX8ke5s0%26p%3Dhttps%253A%2F%2Fwww.oferlo.com.ua%26dtd%3D247&adsafe_type=bed&adsafe_jsinfo=,id:99823bb9-7c04-019f-1262-a025d8444f59,c:lmK7xP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f9f8cb9c9-f6kvk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tN0lu0l+11%7C12%7C131*.1135760-69474494%7C1311%7C1312%7C14%7C1511%7C1512%7C1513,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:2083c27c-3b67-11ee-b89d-fa47611d367f,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 02:41:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 12EA 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 02:41:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 757C 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Wed, 16 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 12EA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8a199b19af88ef723e0f1e5596f66f2d1f00ce5e1bbea9e2cd1e0f3ef4f7143

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 104D 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1555213740500&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 104D 0
20 B 105ms
104ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1555213740500&version=m202307240101&ct=76&x=1&cor=15025164491024753000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 104D 15 KB
12 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1yshSmcF0quXTsrLn9bAccNYMxY0S9JfSrV1_Zw5NFEXsOs7srMr9BYP1PMfIrjLy0nGpitnja55lDzJ6H27R3LWnd7t-lMNuwkDqIeF415UWxN8aWNePE-3a6veHLFsMe6HeNm6Fgp7-33dH824EyIHO41sTo-AFbsQdAzd9w0nypjI&cry=1&dbm_d=AKAmf-BYtsUhQEwJQpfuZb4R_egUV4wmsxgZiHESdwpxE887DkOrW9DWl48EKjDwXwsWLeGHgzsb-dVwoMsTsjfkH_Vj9TFPB3-9xUsL3YTndgVKKO-124CHMuOTF2aFL77pFnRGu3NZJ_Gc4ONoy-ucyRRfHUVSoarRwUkzSBzfKI2MclAtf8w7_WcaW3TPIIcgO9f0H78yqlrtZWDZiZLXV5dtb1-dbSQuizBoyNPkjfKOOV4zyrvanEOjlY8zrffmn0_g6gMW5IB-ciKSNHtoxm-Kt4Cs51dqjSxozycIlGsZW-eD_viP2RmRpMFf8pzdGcvLQUuQu6typLFE08wFI7_2Z2PI2VT6ArWufxtmXIPu8WxJRjI5PA7UFsJ8lJbRMp4KADBlpTuwdKIlAoR7XgaVdsrMJl5EJv2AMVW2vVEC6AWmoEWxqj2VmWj6lVNmIm3JLa1HlGTm0kAiHXZjfxyKiZGalLrZ0afIyQhQLb-kDzkYcBpZaQ4pT4BU7lzHlyC7-RlCgqoNuGUFxUnM8NRpPdwgqB6f44f4w6zT9KVi2UbHAOvIC9nxVvUZdONOTfxyBvIYBA3wXHPNedQ2nH3Vtvzs6QC7-uKRazniWeKWbGLG_SeXFVWImDteJcHoHP5YzmjVFGtK_N08qoqgNXBXYzbh94Jzx2bKdi7jr_MR8eIDf-DGes_qR-xOqAFrLlWaRqaY8iPoUF1VKYz63CPHoyellgSWQSwtdTMjFPPm-qHTyYvFUhFAMYg9aksQrpk01WQmvla1mypdgo8f4r47O-dHODbfoPIYbFFEq5__R36NUCSdObzpAmcu1SMup579XC72sgOJu0fVRKPsB_qpPTWZFkjZ-2xyKJ-4Qv0BkDpDK0KOQVsKkeFKh2Gos0IyZJbExLIYBHT_m8bsepxwjDNYxDqIR3XLfEybkFWVKhx0ghdGTCWBQH5mdMpA-g2nHp6PhMuau8dPcguI6fQ4OZe-RPlZE1CNAFcAEVHZX-Ck2TpfPx-K2qs3o-NJx7oji_rwtKICudBZZJ7ST7WWsSd_DybJSOmlQi9BZNHMNIJCFC4pWbOXDBgbNd9_4gxNOKyx8IThNuUc1XMjhjaU5ncBiOcW_grvbOEBmSaRIe_kss5xKlIxwVFkeZv8kKWlOfmRL4cILr5ow__T2ujXGyiy4WJN-S3BVlaAAj4qW4xMDkKo95EY_XBMSwk-YnQTzqgVSbTW20PskaixCXs0b2V_kCIzKchz0-Lv9uhxJwutJlQHuYlaBTxjaNjJ7plHhmSZsoCaCxc1ZitxfEQifPa8EAYaLhtlKylK-x1zsLLFa-jhbVNmyGMsycEEkxIA49I7uTaRBeSGLI_pXU5IToYGwn0bfgprQW21AIYKavU2AYQq15A-A8YRvTrY0wolUPUzyMNYNncZs7qhKix9BGwsC5JUsXWQrcgTP49BvMRoQn8J9prVvxzQXia5jrdviomsck6zCYG49O4PCgcstje0DgDDZSBOmw_YGDk2YMrHCXMRPVN0FXlcfnrqom0RHszQOglCK_weU49zHPfggHfWPF9vu-SvOt60hrAXZ8zG6WOVP4yYcz4ZA9sQ1u9GS7_j_s8xT4j5wxe69s99JKsF6UNf1boCGiu1rIsVdfYnP5ucDPtNjdWEQgkoSk5e0cUh_64-RkAKj_B1MCAD-4okRI3Sk4ejGT0FjLcRc303egqwnLXj5OLfJOOnFbaes1g-zCqGniHFxLlKi40OhIsAidLQVNS6_j0eMaYv97k1m79rJTXTdnzWaXCz40mV5dSbGiSMEw04z5xVkZXpxnbPeS8oQJynCCCLw24TDO3t5_PDC74V_mzaN4quhd8hps3ArwS8DVCYOXwlGVh557zSsOtBPwBOVji0vab2LjNeftfdqaE00TT51SZkeW4sif3GRVmH6U1FJw2RZ_S_Hx5GjjLXohDIQYA7HMB__upEjxE8XcFt74ymJ-FMYx3hKlBvP0p6Y-EfWPO7rrXQU0QjVFT-0z1AmHnZivIOszhEiLouqIzz4O3VL2xjVYhkW9N4ngwklpus0w-6daW917y5GZ_p7Ou0Q-6nnbMicsUuYSexphfW_bq4sfMiG-UyV_5sWRNajm8lTsSgSO_FyTJdqiy7AdT8GAxQGltyofIDDexPDEnPKsRceWew3-jVnB9YihYvEfV1f4gSVeSa_tZVVNya6DgidhXfZEtFeUft35SdqPnTmuI5ya57PAjEIGn8Bualg9AqK9GIP5YCw7D8nmB4TvXSMfqgnPOLPOg6m-dWGoKT55elWJVjZ7IKK2J6dvzi3wZgeIANOPSpvih5rku7181C-rsMNkJmgq0-Sql-nAnymc3ABli5w-QXBicBo05lBnHntoEySqV4q5mCZ56dqrwS7oe4kX6a0Z5kyz1wPDOYdjPBYz9mKEoiXM6gaj6rfKqWuKeMC9GJ_Ri_9tPIF9sJm-vWP5Unp8z_txY1kAT3khQUKE_7LosjMTs4RI1VLhzyvSTc1b47PeJWG97Pfm-BJtHsAAvy_HKtwViz8fOXIAetgJoFR3fb-s6fk2Dquj9EW67gf-tglWlyywNTENwNqXesCB_4Q4-AA_rVFY-lIMeIsvhkJaWQhvI9jgQQmhLnQfd_YKD6piXOiUKdFhXAfVDSgXXQ3nc6hoswXur_QOcBCUn3OzDspghtOobVBY135jRuE0pr8arlR6kG12A1fkdIrnu3t1IaQw2bvGhoxbmJFrCtkQNmijOc7Ypmm2d31VcuRIb4cVml5xBXLwtgAGp3EPyFHUTs6vUn4dKxzztD8J82VG-yoZ_eT-8FBktBWOTS0sX5zWhHej8Q6A2NNuDrSzuSKKhDzMhuy_YgBbF4Y8mzbYs0octmFxmqKWWeize2SS33XWRy8EB8oba7JvdLe8Ta7jrSt4crCRxHeyz8YfdYkSs_-n0Fh6W5SnR8rB407qbgvXmhaobfJZgzETj779r-ljnJ0Ixm--5oYjgM9hx83s0JB8qR&cid=CAQSKQBpAlJWgqyEmTYsrGfkT9pH5jErNah0wDqHeimjwS-AvTTyZCwi0oZSGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ds=l&xdt=1&iif=1&cor=15025164491024753000&adk=250412560&idt=75&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d12a75802fe3c1dea1f4f74b0b83991195f3019ec675455469f1fba3589294c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11810
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 757C 0
104 B 144ms
23ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJB-bxtgaztK1XtLa3kW6dE&google_cver=1&google_push=AXcoOmSJXR1TTuXvrEBwse7tR-WoneUWdZlMkZQZijFdPhFcbxYhPnrK2fzxdx2dC8KwOTrOiNreXfPb8pOx1nucmHqzY41kAqnvgfc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 757C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGQnzufiWGpG-xk0aeVbvLc&google_cver=1&google_push=AXcoOmQi09IpUxZ3rreeEfCJnNuk0bDfuoBS4IkP1WBrYpXXKeSCsaUOybel5JG9AQXocl0zRzdgWo_rE0VST8TkzaAy1nXD0Xg1N04
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQi09IpUxZ3rreeEfCJnNuk0bDfuoBS4IkP1WBrYpXXKeSCsaUOybel5JG9AQXocl0zRzdgWo_rE0VST8T...

170 B
188 B

29ms
29ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQi09IpUxZ3rreeEfCJnNuk0bDfuoBS4IkP1WBrYpXXKeSCsaUOybel5JG9AQXocl0zRzdgWo_rE0VST8TkzaAy1nXD0Xg1N04

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 12:27:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQi09IpUxZ3rreeEfCJnNuk0bDfuoBS4IkP1WBrYpXXKeSCsaUOybel5JG9AQXocl0zRzdgWo_rE0VST8TkzaAy1nXD0Xg1N04
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 14 Aug 2023 12:27:41 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 757C 70 B
264 B 29ms
28ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDIAMpaGkoPVFoS-aw-cWCk&google_cver=1&google_push=AXcoOmTU6evYJhZpMFeIE_e__GSpUN0XDtkDUfCqu-zkZGf8Jtl35QVs8rCAcF7A5654sYTM2Y11Olwgsxcnyn9zQHoA9ybFYfq-maQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 757C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPqxxXAoS2ybi1zHYqPpzBU&google_cver=1&google_push=AXcoOmSeRm8A0xFcnBrS3M8lLtZuxhXNoJLNeMuifX5cJnt5FpTyOOnaB675tB__F_PdinB60S5aA0h-N44...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSeRm8A0xFcnBrS3M8lLtZuxhXNoJLNeMuifX5cJnt5FpTyOOnaB675tB__F_PdinB60S5aA0h-N44mnB7C2-jpleCQddf6vtU&google_hm=saHl9fqpTCWDXe9S7...

170 B
188 B

30ms
29ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSeRm8A0xFcnBrS3M8lLtZuxhXNoJLNeMuifX5cJnt5FpTyOOnaB675tB__F_PdinB60S5aA0h-N44mnB7C2-jpleCQddf6vtU&google_hm=saHl9fqpTCWDXe9S74ffroY

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSeRm8A0xFcnBrS3M8lLtZuxhXNoJLNeMuifX5cJnt5FpTyOOnaB675tB__F_PdinB60S5aA0h-N44mnB7C2-jpleCQddf6vtU&google_hm=saHl9fqpTCWDXe9S74ffroY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 757C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJtsGUdEZvOfn76inDfkz6w&google_cver=1&google_push=AXcoOmQ-2oTSLR-zEWrF892kR_DuDri7FnD2_wFUNjqf5OFBERXEIGW_VwAGVQ0ydH50f7VRV-9EO-jI_9PhKLud...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmQ-2oTSLR-zEWrF892kR_DuDri7FnD2_wFUNjqf5OFBERXEIGW_VwAGVQ0ydH50f7VRV-9EO-jI_9PhKLudwj288CXgnHuQ8F0

170 B
188 B

29ms
28ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmQ-2oTSLR-zEWrF892kR_DuDri7FnD2_wFUNjqf5OFBERXEIGW_VwAGVQ0ydH50f7VRV-9EO-jI_9PhKLudwj288CXgnHuQ8F0

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 12:27:41 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OB0KDBSKR0-F6LuzXsChpw2&google_push=AXcoOmQ-2oTSLR-zEWrF892kR_DuDri7FnD2_wFUNjqf5OFBERXEIGW_VwAGVQ0ydH50f7VRV-9EO-jI_9PhKLudwj288CXgnHuQ8F0
x-host: tde-deliveryengine-production-6ffbf575ff-42dnz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 757C 43 B
146 B 38ms
10ms Image
image/gif 3.127.113.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL99rKDX5kbnho_iSgt32lE&google_cver=1&google_push=AXcoOmSdrhnSy4e4AZ6arioMnmAwfWXyej2fJxvXuS9w2KOUmokAn11rfdMCawtTbuzGe44U2flar4oIQWcjz3aEjuuUVr4l4Smn_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=1893062441&adk=3122728471&adf=3220986866&pi=t.ma~as.1893062441&w=170&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=1&format=170x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458205&bpp=7&bdt=171&idt=242&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=55&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GRX8ke5s0&p=https%3A//www.oferlo.com.ua&dtd=247
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.113.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-113-75.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 757C 43 B
363 B 58ms
17ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRytS9sdUk-hng8WzIlY5v5cEaSriZ1EI9OwOTYiYYAIKIwwJ9koeO1ZTmJpabm97bXEv_L2BpCx0Jk_AyeNjahWIgLWoil_w&google_gid=CAESECLzAYnxGRkSCkkD_rVwBIc&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 261649
expires: Tue, 15 Aug 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 757C 0
12 B 27ms
26ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-Z5FfPX2V7KGz2csZfhfyRAaNaSw7ddGHeZqg0dr6yEnhVOwT93W2V7FZVNPgKFEzvpmS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame A889 164 KB
93 KB 22ms
7ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98185a5cb400e163a738c867c851868a4095b204987aad7085467a829841b759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 99683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 95119
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:46:18 GMT
expires: Tue, 13 Aug 2024 08:46:18 GMT
last-modified: Wed, 08 Feb 2023 08:41:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12EA 0
0 99ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4fWzBedvJuftnhh5Ld9GBZljlKNbiLcaJ_X-WZ7AWOzk-cFYYj_gBGuQHlA-wpfz8WCYzJBWE5C1aB_LL4TVdcGUa6Q-8NuefM-Fbc_HX51MVCEZi7doYRFsfdtacz_kjXXnfk1WcpzJypyeIu5W6RUoTkgkUge9PFsM1OBagW9Z5Pw3mzdp8F0toMHjr6uDuP4lZsFgGWDZiBcWFevBL_Bk&sai=AMfl-YQ6LAx76YYVuwfiPwnU5WbDgUUj6jnicbOPQevKmdwvzfTX5cvgIrxxG3zvQsAdDwRH4PgwIzVqTtpLpeHJdhfHplAIhK8d4wxOg04SHRg-yMQuC4fNv_Lvj3T41LWT8A&sig=Cg0ArKJSzFWuP5KD6J8xEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=117&cbvp=1&cstd=114&cisv=r20230810.97611&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 104D 41 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1yshSmcF0quXTsrLn9bAccNYMxY0S9JfSrV1_Zw5NFEXsOs7srMr9BYP1PMfIrjLy0nGpitnja55lDzJ6H27R3LWnd7t-lMNuwkDqIeF415UWxN8aWNePE-3a6veHLFsMe6HeNm6Fgp7-33dH824EyIHO41sTo-AFbsQdAzd9w0nypjI&cry=1&dbm_d=AKAmf-BYtsUhQEwJQpfuZb4R_egUV4wmsxgZiHESdwpxE887DkOrW9DWl48EKjDwXwsWLeGHgzsb-dVwoMsTsjfkH_Vj9TFPB3-9xUsL3YTndgVKKO-124CHMuOTF2aFL77pFnRGu3NZJ_Gc4ONoy-ucyRRfHUVSoarRwUkzSBzfKI2MclAtf8w7_WcaW3TPIIcgO9f0H78yqlrtZWDZiZLXV5dtb1-dbSQuizBoyNPkjfKOOV4zyrvanEOjlY8zrffmn0_g6gMW5IB-ciKSNHtoxm-Kt4Cs51dqjSxozycIlGsZW-eD_viP2RmRpMFf8pzdGcvLQUuQu6typLFE08wFI7_2Z2PI2VT6ArWufxtmXIPu8WxJRjI5PA7UFsJ8lJbRMp4KADBlpTuwdKIlAoR7XgaVdsrMJl5EJv2AMVW2vVEC6AWmoEWxqj2VmWj6lVNmIm3JLa1HlGTm0kAiHXZjfxyKiZGalLrZ0afIyQhQLb-kDzkYcBpZaQ4pT4BU7lzHlyC7-RlCgqoNuGUFxUnM8NRpPdwgqB6f44f4w6zT9KVi2UbHAOvIC9nxVvUZdONOTfxyBvIYBA3wXHPNedQ2nH3Vtvzs6QC7-uKRazniWeKWbGLG_SeXFVWImDteJcHoHP5YzmjVFGtK_N08qoqgNXBXYzbh94Jzx2bKdi7jr_MR8eIDf-DGes_qR-xOqAFrLlWaRqaY8iPoUF1VKYz63CPHoyellgSWQSwtdTMjFPPm-qHTyYvFUhFAMYg9aksQrpk01WQmvla1mypdgo8f4r47O-dHODbfoPIYbFFEq5__R36NUCSdObzpAmcu1SMup579XC72sgOJu0fVRKPsB_qpPTWZFkjZ-2xyKJ-4Qv0BkDpDK0KOQVsKkeFKh2Gos0IyZJbExLIYBHT_m8bsepxwjDNYxDqIR3XLfEybkFWVKhx0ghdGTCWBQH5mdMpA-g2nHp6PhMuau8dPcguI6fQ4OZe-RPlZE1CNAFcAEVHZX-Ck2TpfPx-K2qs3o-NJx7oji_rwtKICudBZZJ7ST7WWsSd_DybJSOmlQi9BZNHMNIJCFC4pWbOXDBgbNd9_4gxNOKyx8IThNuUc1XMjhjaU5ncBiOcW_grvbOEBmSaRIe_kss5xKlIxwVFkeZv8kKWlOfmRL4cILr5ow__T2ujXGyiy4WJN-S3BVlaAAj4qW4xMDkKo95EY_XBMSwk-YnQTzqgVSbTW20PskaixCXs0b2V_kCIzKchz0-Lv9uhxJwutJlQHuYlaBTxjaNjJ7plHhmSZsoCaCxc1ZitxfEQifPa8EAYaLhtlKylK-x1zsLLFa-jhbVNmyGMsycEEkxIA49I7uTaRBeSGLI_pXU5IToYGwn0bfgprQW21AIYKavU2AYQq15A-A8YRvTrY0wolUPUzyMNYNncZs7qhKix9BGwsC5JUsXWQrcgTP49BvMRoQn8J9prVvxzQXia5jrdviomsck6zCYG49O4PCgcstje0DgDDZSBOmw_YGDk2YMrHCXMRPVN0FXlcfnrqom0RHszQOglCK_weU49zHPfggHfWPF9vu-SvOt60hrAXZ8zG6WOVP4yYcz4ZA9sQ1u9GS7_j_s8xT4j5wxe69s99JKsF6UNf1boCGiu1rIsVdfYnP5ucDPtNjdWEQgkoSk5e0cUh_64-RkAKj_B1MCAD-4okRI3Sk4ejGT0FjLcRc303egqwnLXj5OLfJOOnFbaes1g-zCqGniHFxLlKi40OhIsAidLQVNS6_j0eMaYv97k1m79rJTXTdnzWaXCz40mV5dSbGiSMEw04z5xVkZXpxnbPeS8oQJynCCCLw24TDO3t5_PDC74V_mzaN4quhd8hps3ArwS8DVCYOXwlGVh557zSsOtBPwBOVji0vab2LjNeftfdqaE00TT51SZkeW4sif3GRVmH6U1FJw2RZ_S_Hx5GjjLXohDIQYA7HMB__upEjxE8XcFt74ymJ-FMYx3hKlBvP0p6Y-EfWPO7rrXQU0QjVFT-0z1AmHnZivIOszhEiLouqIzz4O3VL2xjVYhkW9N4ngwklpus0w-6daW917y5GZ_p7Ou0Q-6nnbMicsUuYSexphfW_bq4sfMiG-UyV_5sWRNajm8lTsSgSO_FyTJdqiy7AdT8GAxQGltyofIDDexPDEnPKsRceWew3-jVnB9YihYvEfV1f4gSVeSa_tZVVNya6DgidhXfZEtFeUft35SdqPnTmuI5ya57PAjEIGn8Bualg9AqK9GIP5YCw7D8nmB4TvXSMfqgnPOLPOg6m-dWGoKT55elWJVjZ7IKK2J6dvzi3wZgeIANOPSpvih5rku7181C-rsMNkJmgq0-Sql-nAnymc3ABli5w-QXBicBo05lBnHntoEySqV4q5mCZ56dqrwS7oe4kX6a0Z5kyz1wPDOYdjPBYz9mKEoiXM6gaj6rfKqWuKeMC9GJ_Ri_9tPIF9sJm-vWP5Unp8z_txY1kAT3khQUKE_7LosjMTs4RI1VLhzyvSTc1b47PeJWG97Pfm-BJtHsAAvy_HKtwViz8fOXIAetgJoFR3fb-s6fk2Dquj9EW67gf-tglWlyywNTENwNqXesCB_4Q4-AA_rVFY-lIMeIsvhkJaWQhvI9jgQQmhLnQfd_YKD6piXOiUKdFhXAfVDSgXXQ3nc6hoswXur_QOcBCUn3OzDspghtOobVBY135jRuE0pr8arlR6kG12A1fkdIrnu3t1IaQw2bvGhoxbmJFrCtkQNmijOc7Ypmm2d31VcuRIb4cVml5xBXLwtgAGp3EPyFHUTs6vUn4dKxzztD8J82VG-yoZ_eT-8FBktBWOTS0sX5zWhHej8Q6A2NNuDrSzuSKKhDzMhuy_YgBbF4Y8mzbYs0octmFxmqKWWeize2SS33XWRy8EB8oba7JvdLe8Ta7jrSt4crCRxHeyz8YfdYkSs_-n0Fh6W5SnR8rB407qbgvXmhaobfJZgzETj779r-ljnJ0Ixm--5oYjgM9hx83s0JB8qR&cid=CAQSKQBpAlJWgqyEmTYsrGfkT9pH5jErNah0wDqHeimjwS-AvTTyZCwi0oZSGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ds=l&xdt=1&iif=1&cor=15025164491024753000&adk=250412560&idt=75&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 18:14:40 GMT

GET
H3

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 104D
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mnt...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWe...

71 KB
24 KB

56ms
56ms

Script
text/javascript

64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWebmdf9tiOkZaKFF5CpeasCDKcNtQNt60fjHNvOWZ0AiQw0Wu_xjyyTKz75Kb--oJnSZ1jdGZCZvH6sJRZtBaK9e6yk9Gnzt9LZQS-RYAoCZ_4KwNpNbRZfZHZZr0oNA6BvNzeAzQbNcBJnebCD04XJt9DCMWDqwZu7146cyRgdDiC3Q72ZcGrMDJu1IJg7H_0T59L1izSPQ89o1BeaTnid_7mjkEryu9476nbBpJBcEIkeGKxt9Recd2ptNZdchvle8_lnBkFjHzCQd3uvSuecaxLHgRkLpgBAYH9hZRpComhrBEvzq2V1Yv9bc0dXtaCnk932kLxR6FEJd3hbW1A8MQwez1ddKdZcGN2P03aMQY9vtz-TIwjWuyHzHoZu36TvtRRyskOgBUPfMTRkWiMVN8kFt_ZPKUO6atN8zokoJtZ6yFbWUfTKkpSMXAn9AbXJ1Z9Ge13XwCYmDVkWGZjK3mqlvsLMfq_y5Gof74BjCqGdWqdvm4dcUD6iCeICp8ieX1kYp0vLv9rPvmO4vFgYhUYwwXXsipgtNOga7XBMX-_QrrrqHfPN2ihBLg--x64qRm999dfZdGQO6ICB0fGOeNELZia4LbB-gmC_mAPuPBC0blzJL2WPGBD8ye2VVM1YHfA3m-oWM083gMWm5HxhV4qMWZzB5_Qydhp9mhm6IBOaidwNOluv7r9-qb2-KOW5nUfZ75aHjqgPrGex-5x4O3pub8AaTJnI_LPMp1NCwgLnJo0nZhur2dvpIYcJqUqAGlbf__HqbmHoZmlWlP9s0qvrEXP53dFX9gFsGpm0T_WrYaVfdlfrHGHtupRIZP5f-0odmP_iCd13xOdIpehT5CXK-tg9SogPc3gChiRXbm-H8jV1fknVG1MPAPELQDJ13fmxe_Npqv3fXNbeUHY7JFC1KGHaEitCMPriBohe5YjoMiINpnOqVsTRbd9wIa8HoxEuTcLw26Kb7g9aozuDfkfvNNf7wG64JWcyWS6TiEMWyDkZTvxx9tj03f6L75jmDBcyVhbUUBKKbIowcfu0YvhyApmzhXmbZL2rdn96QfYN_Fmsg4lbHrr4Rxawu00uajElUROOtvMu5bte85wEdQcmSRF7wzaoXK2-s3Oe6CYROMc9zYUwTa5XgLADmAfvBL62PWWAvGifEdNYWjwm4jMeDNfvWSSQ_rjjNaZk37dDy_Qagw4KQE0i8LXp4oP-UROTo2OpcvJzJH23hIhMR7Ir5I8kCiK4abSCfO0YF5d6uPGnmC--7vYGTUEDz7ULPVzge2EsIfjGg636QIqE5CogsT8-g2_jbzn6h3dMWzjo2yIQnV_mPQGKwGsh1oDWAy-8ySbP30oaTyezdkuKJlawblzSCLCpUYmMGhjibz6sWwLDYWyKWAv8c3AQB12K5ore-B5C8qK7uy-k5J9WW19A947U9n3jNC3jpE3AsiGHBThUGgY68boU71n6jcQ5dfPnCnSRx6wlbW2Ch91WQBUSUvaOxJyAJoLzwrinmkjEKWMFrJL2KUaNwTb_OX8SC0vK9Y5DwYVFXnxn01XBTu9-ba6eYfD37xniEiFgVcEsGGvBo_-r0SAoVrxQ162JpRTFROVIFelWA61ihnhICbsHcktlx_mLfb_O5lnmjCDyYgI1MrBMJf_c82SO2V85_Y491w9msNw7Alof4kr_lxLeXvTt8ZoWFfdsY5z70ZW2_t9hFKKMrAcH-gYZggDHQiHPJyl6WVYJQiqc8bo-RTqqek3G6mKuZw2XFC7B9b7lE-2ZDbso9f5UcBmiPmUJkZpRdKVCwJzDjy0OZ4Tfm5ab7c8_P7N27kALbhL4QiQpaCJxnscBUMfbSiiC-C9VDRchyUidpphFZDX6L-jJscZGmgb52cYcz04dFyw4BLsNkT9bxj70jH2ZLeE7XdfYN49GeYPkuYZ6IYvTZX2JPL8FTrG4WteXXNJzSd3t44jot3F6FK_amZ8QRNgXeuEyyHwrGKaG4nA2x5Y4QdCOYjtAQ9qmsFNAAkgCMxo-2j1WDeQqfDeQzmKdjiRsf6PR2u1b2PrDcJOLLk-PfiE9vyP7We59RHKDGgiNlheuFbyUUSowV-JS48cisMoh8w_dIKjesNjfYjhTw_Ew-QpnJkPgiKBgziSywGSmI08AjChT4F002L2ShKmnCSWySZwAq4dwbr1P6qlCYsgDZ0mlXGuvpzc5Wuwm7BBpsYlicbWro8S2AWvquMURrmckgyzv5G2O0nddfQ4KXjPSWT49kwgK5HDkVnpANRfESfjeFibS-rp0PA3A5tXWD8a9m3S5AliGoW3leGD1Oo4kNAfv5FacAwVgogczdRdsAybupx6SLTBCYQ9rK1KUmxfg8Af8KHFDrgxYzBXiKK0pyj0VtPekKb5ZJ0jMHVLBO-gfnAydNqgygz9GtLlyioCnucgIHHQDi2mZXXrTeOAWPye3BJaTV8dyGUgttwY3U_mYkvqlFY4h5h3pU9hSHBxrEVIlUB4OGDPVcFWb5YMuw8Yg22Y-f3npH-tb0eHUO2gYi9vprB9laxNvYMBEYmrkPQzjLUN0nU5Enve3Rgrla-TT357djR2n2XwYP4YPRaVOL1TeiY5Zv5rB2Jl6dIFJsOottetRB6m8oy6tOf0r0dz_GKZYhtNteZbdDipxpp6Vap6E7fB7iQtKRQ2WOSd_9-qPeY4K9_Ypn-NCPpO_mP6P6no-SG3nffmh2uJHphV7AKuXbniP1zrNFYpyeG5vx8JyoZ3Ioxn-y2kCwkFBdaPWEWMvR5Wx5zVqZgadz6Sys_LcFIOrcTuZXIxvjDGU1fSLy6GbzlEFn0COzWzFPZG8JEi82ip28kQulSu90_LGY3-Q3jk-dNy872SHepUATZqfBWaxU1lFAxbQ0PQw1B3DlHyE3yZUMr_aU48Y8-vWsE9HkvjBm354i149cNdMmDG7Wb-nHZTsd3uU_Lw3zPx-vOnf0g1j5Y8Il6VJPW1rrKUB0EA1g_gUAo5FdnZ8sP6Fusdd6pl-f0iMmMzRPdkHAh0VELty9qtIruJ7qCacRvhnFmIDMRohgel2Pgt765GN19VkbG3uQzbBcnMF-deyBx33zyBmFVXr5Yvyxnh2-XJfVi1YIpKSJ-frI9wxRM8mqcpfcCX2pva8yV6hnJOdOuQiDwBAJ70cM699ttAKyb7SW75misEN7rWGW43AFgLilPwPrG3NORHIJxbAYD6o21Q1JFm3lMDsVeFjSwJ1KmPTO_f6djnWwFm5Adg42RYPnMsjMxwC6czJ0eVnRtknjBBFoX4nRfU6D3BfJhaIQoH4fAhBsheLzT1rNhvNgQU7PuHqIHcvV3BiWTJ5GbpUPnAFoKMnwV1LpSSbdap_7s290B8BWmS5-RAxAd0Fzn8FnYi7YErv7uTwR3BhBPdstCu3a2u91yJOwAohWdLdD48lanJm6yzXp0USCWjDkJE9EvRtIlt5DKgT81uA-NNmj79Eq6X9yzg5wWa-cts6IpzDPYRHNpSh6SF6VaF4K_3SvKeFw0VWbbmKICMpmkYK8W5klQpqzkZJrYRaTs2DPHf5ikz_4MLjfkNDqidPZl0iJzPGrGBNbvJ-osj2MeIpV8bYcvJk80EWbIwd_5oFhR-RZvXTFHKrh8vPs0XMZ8W7irIcnlM5s0Oey6e2K_Y8GzLOdom51DFWC2f2MwfaGd44t4Rdw3qPuw89Y5k4WRQyb9egP3OP54v6LFpQHrhsbjNY0zf6l1FDgMCxkNPAiusoAZRu7iCmHmyFxzhbbuh9_9ffHeqMiLJ-LCjRD7Ck0DTReI4cqNx9EwSlrBUDt_W6LGIAenOGUfbZHAZV-k4n-Bc9vDqbo-0RgxRgGO5c_LlM1SU1ubylnE-W7hKv6UNSNNqQcir6eb9oGAm2O0qOrZ2OtNXmLceETPYQu_v6lgl8mYLcqlvnFZB9i2GiNfTZsaNFxdAkJWKYf6KEAe5fUufVzvlHgGKPljHdbRxY3iORPi1d_qqU79I8soaIo0H7gtFLwaLwgEEikAaQJSVoKshJk2LKxn5E_aR-YxKzWodMA6h3opo8EvgL008mQsItKGUhgBYAE

Requested by

Protocol

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

d454757e2e224ed465f7c80f698085b8c863536430701f565515674e9f4ef516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24838
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWebmdf9tiOkZaKFF5CpeasCDKcNtQNt60fjHNvOWZ0AiQw0Wu_xjyyTKz75Kb--oJnSZ1jdGZCZvH6sJRZtBaK9e6yk9Gnzt9LZQS-RYAoCZ_4KwNpNbRZfZHZZr0oNA6BvNzeAzQbNcBJnebCD04XJt9DCMWDqwZu7146cyRgdDiC3Q72ZcGrMDJu1IJg7H_0T59L1izSPQ89o1BeaTnid_7mjkEryu9476nbBpJBcEIkeGKxt9Recd2ptNZdchvle8_lnBkFjHzCQd3uvSuecaxLHgRkLpgBAYH9hZRpComhrBEvzq2V1Yv9bc0dXtaCnk932kLxR6FEJd3hbW1A8MQwez1ddKdZcGN2P03aMQY9vtz-TIwjWuyHzHoZu36TvtRRyskOgBUPfMTRkWiMVN8kFt_ZPKUO6atN8zokoJtZ6yFbWUfTKkpSMXAn9AbXJ1Z9Ge13XwCYmDVkWGZjK3mqlvsLMfq_y5Gof74BjCqGdWqdvm4dcUD6iCeICp8ieX1kYp0vLv9rPvmO4vFgYhUYwwXXsipgtNOga7XBMX-_QrrrqHfPN2ihBLg--x64qRm999dfZdGQO6ICB0fGOeNELZia4LbB-gmC_mAPuPBC0blzJL2WPGBD8ye2VVM1YHfA3m-oWM083gMWm5HxhV4qMWZzB5_Qydhp9mhm6IBOaidwNOluv7r9-qb2-KOW5nUfZ75aHjqgPrGex-5x4O3pub8AaTJnI_LPMp1NCwgLnJo0nZhur2dvpIYcJqUqAGlbf__HqbmHoZmlWlP9s0qvrEXP53dFX9gFsGpm0T_WrYaVfdlfrHGHtupRIZP5f-0odmP_iCd13xOdIpehT5CXK-tg9SogPc3gChiRXbm-H8jV1fknVG1MPAPELQDJ13fmxe_Npqv3fXNbeUHY7JFC1KGHaEitCMPriBohe5YjoMiINpnOqVsTRbd9wIa8HoxEuTcLw26Kb7g9aozuDfkfvNNf7wG64JWcyWS6TiEMWyDkZTvxx9tj03f6L75jmDBcyVhbUUBKKbIowcfu0YvhyApmzhXmbZL2rdn96QfYN_Fmsg4lbHrr4Rxawu00uajElUROOtvMu5bte85wEdQcmSRF7wzaoXK2-s3Oe6CYROMc9zYUwTa5XgLADmAfvBL62PWWAvGifEdNYWjwm4jMeDNfvWSSQ_rjjNaZk37dDy_Qagw4KQE0i8LXp4oP-UROTo2OpcvJzJH23hIhMR7Ir5I8kCiK4abSCfO0YF5d6uPGnmC--7vYGTUEDz7ULPVzge2EsIfjGg636QIqE5CogsT8-g2_jbzn6h3dMWzjo2yIQnV_mPQGKwGsh1oDWAy-8ySbP30oaTyezdkuKJlawblzSCLCpUYmMGhjibz6sWwLDYWyKWAv8c3AQB12K5ore-B5C8qK7uy-k5J9WW19A947U9n3jNC3jpE3AsiGHBThUGgY68boU71n6jcQ5dfPnCnSRx6wlbW2Ch91WQBUSUvaOxJyAJoLzwrinmkjEKWMFrJL2KUaNwTb_OX8SC0vK9Y5DwYVFXnxn01XBTu9-ba6eYfD37xniEiFgVcEsGGvBo_-r0SAoVrxQ162JpRTFROVIFelWA61ihnhICbsHcktlx_mLfb_O5lnmjCDyYgI1MrBMJf_c82SO2V85_Y491w9msNw7Alof4kr_lxLeXvTt8ZoWFfdsY5z70ZW2_t9hFKKMrAcH-gYZggDHQiHPJyl6WVYJQiqc8bo-RTqqek3G6mKuZw2XFC7B9b7lE-2ZDbso9f5UcBmiPmUJkZpRdKVCwJzDjy0OZ4Tfm5ab7c8_P7N27kALbhL4QiQpaCJxnscBUMfbSiiC-C9VDRchyUidpphFZDX6L-jJscZGmgb52cYcz04dFyw4BLsNkT9bxj70jH2ZLeE7XdfYN49GeYPkuYZ6IYvTZX2JPL8FTrG4WteXXNJzSd3t44jot3F6FK_amZ8QRNgXeuEyyHwrGKaG4nA2x5Y4QdCOYjtAQ9qmsFNAAkgCMxo-2j1WDeQqfDeQzmKdjiRsf6PR2u1b2PrDcJOLLk-PfiE9vyP7We59RHKDGgiNlheuFbyUUSowV-JS48cisMoh8w_dIKjesNjfYjhTw_Ew-QpnJkPgiKBgziSywGSmI08AjChT4F002L2ShKmnCSWySZwAq4dwbr1P6qlCYsgDZ0mlXGuvpzc5Wuwm7BBpsYlicbWro8S2AWvquMURrmckgyzv5G2O0nddfQ4KXjPSWT49kwgK5HDkVnpANRfESfjeFibS-rp0PA3A5tXWD8a9m3S5AliGoW3leGD1Oo4kNAfv5FacAwVgogczdRdsAybupx6SLTBCYQ9rK1KUmxfg8Af8KHFDrgxYzBXiKK0pyj0VtPekKb5ZJ0jMHVLBO-gfnAydNqgygz9GtLlyioCnucgIHHQDi2mZXXrTeOAWPye3BJaTV8dyGUgttwY3U_mYkvqlFY4h5h3pU9hSHBxrEVIlUB4OGDPVcFWb5YMuw8Yg22Y-f3npH-tb0eHUO2gYi9vprB9laxNvYMBEYmrkPQzjLUN0nU5Enve3Rgrla-TT357djR2n2XwYP4YPRaVOL1TeiY5Zv5rB2Jl6dIFJsOottetRB6m8oy6tOf0r0dz_GKZYhtNteZbdDipxpp6Vap6E7fB7iQtKRQ2WOSd_9-qPeY4K9_Ypn-NCPpO_mP6P6no-SG3nffmh2uJHphV7AKuXbniP1zrNFYpyeG5vx8JyoZ3Ioxn-y2kCwkFBdaPWEWMvR5Wx5zVqZgadz6Sys_LcFIOrcTuZXIxvjDGU1fSLy6GbzlEFn0COzWzFPZG8JEi82ip28kQulSu90_LGY3-Q3jk-dNy872SHepUATZqfBWaxU1lFAxbQ0PQw1B3DlHyE3yZUMr_aU48Y8-vWsE9HkvjBm354i149cNdMmDG7Wb-nHZTsd3uU_Lw3zPx-vOnf0g1j5Y8Il6VJPW1rrKUB0EA1g_gUAo5FdnZ8sP6Fusdd6pl-f0iMmMzRPdkHAh0VELty9qtIruJ7qCacRvhnFmIDMRohgel2Pgt765GN19VkbG3uQzbBcnMF-deyBx33zyBmFVXr5Yvyxnh2-XJfVi1YIpKSJ-frI9wxRM8mqcpfcCX2pva8yV6hnJOdOuQiDwBAJ70cM699ttAKyb7SW75misEN7rWGW43AFgLilPwPrG3NORHIJxbAYD6o21Q1JFm3lMDsVeFjSwJ1KmPTO_f6djnWwFm5Adg42RYPnMsjMxwC6czJ0eVnRtknjBBFoX4nRfU6D3BfJhaIQoH4fAhBsheLzT1rNhvNgQU7PuHqIHcvV3BiWTJ5GbpUPnAFoKMnwV1LpSSbdap_7s290B8BWmS5-RAxAd0Fzn8FnYi7YErv7uTwR3BhBPdstCu3a2u91yJOwAohWdLdD48lanJm6yzXp0USCWjDkJE9EvRtIlt5DKgT81uA-NNmj79Eq6X9yzg5wWa-cts6IpzDPYRHNpSh6SF6VaF4K_3SvKeFw0VWbbmKICMpmkYK8W5klQpqzkZJrYRaTs2DPHf5ikz_4MLjfkNDqidPZl0iJzPGrGBNbvJ-osj2MeIpV8bYcvJk80EWbIwd_5oFhR-RZvXTFHKrh8vPs0XMZ8W7irIcnlM5s0Oey6e2K_Y8GzLOdom51DFWC2f2MwfaGd44t4Rdw3qPuw89Y5k4WRQyb9egP3OP54v6LFpQHrhsbjNY0zf6l1FDgMCxkNPAiusoAZRu7iCmHmyFxzhbbuh9_9ffHeqMiLJ-LCjRD7Ck0DTReI4cqNx9EwSlrBUDt_W6LGIAenOGUfbZHAZV-k4n-Bc9vDqbo-0RgxRgGO5c_LlM1SU1ubylnE-W7hKv6UNSNNqQcir6eb9oGAm2O0qOrZ2OtNXmLceETPYQu_v6lgl8mYLcqlvnFZB9i2GiNfTZsaNFxdAkJWKYf6KEAe5fUufVzvlHgGKPljHdbRxY3iORPi1d_qqU79I8soaIo0H7gtFLwaLwgEEikAaQJSVoKshJk2LKxn5E_aR-YxKzWodMA6h3opo8EvgL008mQsItKGUhgBYAE
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D53E 91 KB
92 KB 12ms
11ms Script
application/javascript 2600:9000:26da:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1525451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: bPLj_7IefGkYO06RfmwPA8LxaOqC7SSLn1Z0_y34Grk46xwXziWaeQ==

GET
H3 200 Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js Show response
s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame A889 2 KB
936 B 8ms
7ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d61645f8cbb1f1dead0070107773bba8127040e5dd2f09ed979d0c96e839cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 08:41:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 05:55:05 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 104D 43 B
215 B 97ms
96ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=59bcb299-4085-45e9-4446-66d74fe7eb85&tv=%7Bc:lmK7Du,pingTime:-3,time:64,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tN0lu5m+11%7C12%7C1311%7C13121%7C1313%7C1314%7C1315%7C14*.1135760-65089096%7C141%7C1511%7C1512%7C1513,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 104D 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=59bcb299-4085-45e9-4446-66d74fe7eb85&tv=%7Bc:lmK7Dv,pingTime:-6,time:65,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tN0lu5m+11%7C12%7C1311%7C13121%7C1313%7C1314%7C1315%7C14*.1135760-65089096%7C141%7C1511%7C1512%7C1513,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&tpiLookup=ao:www.oferlo.com.ua*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 104D 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=59bcb299-4085-45e9-4446-66d74fe7eb85&tv=%7Bc:lmK7DR,pingTime:-2,time:87,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2778,beZ:2779,mfA:2782,cmA:2784,inA:2784,inZ:2790,prA:2790,prZ:2801,si:2806,poA:2808,poZ:2830,cmZ:2830,mfZ:2830,loA:2843,loZ:2846,ltA:2865,ltZ:2865%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tN0lu0l+11%7C12%7C131.1135760-69474494%7C1311%7C13121%7C1313%7C1314%7C1315%7C14*.1135760-65089096%7C141%7C1511%7C1512%7C1513,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:29,sinceFw:57,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5282 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:02:40 GMT
expires: Wed, 14 Aug 2024 12:02:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A889 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12EA 0
0 47ms
47ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4fWzBedvJuftnhh5Ld9GBZljlKNbiLcaJ_X-WZ7AWOzk-cFYYj_gBGuQHlA-wpfz8WCYzJBWE5C1aB_LL4TVdcGUa6Q-8NuefM-Fbc_HX51MVCEZi7doYRFsfdtacz_kjXXnfk1WcpzJypyeIu5W6RUoTkgkUge9PFsM1OBagW9Z5Pw3mzdp8F0toMHjr6uDuP4lZsFgGWDZiBcWFevBL_Bk&sai=AMfl-YQ6LAx76YYVuwfiPwnU5WbDgUUj6jnicbOPQevKmdwvzfTX5cvgIrxxG3zvQsAdDwRH4PgwIzVqTtpLpeHJdhfHplAIhK8d4wxOg04SHRg-yMQuC4fNv_Lvj3T41LWT8A&sig=Cg0ArKJSzFWuP5KD6J8xEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=259&vt=11&dtpt=142&dett=3&cstd=114&cisv=r20230810.97611&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H3 200 Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png
s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame A889 171 KB
171 KB 8ms
8ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png?

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d11c785821bd86b30aea41f9a1e7c4b38009c49bac5785349730afa8d9bec544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:46:19 GMT
x-content-type-options: nosniff
age: 99682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175354
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 08:41:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 08:46:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9A5 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEUCrPG_bZMj_NJiD-gaBh4HQAgAAAAA4AeAEAg&bg=!goGlgdXNAAaiGN5Pghg7ADkAdvg8WiLlvuFAQnBcRAVSX4v0c_Miy9moFqGrgO-Cf1HCtYlMf1vTkSs2wdCL2Tj1NO7opU70R6ACAAABJFIAAAAFaAEHmQMYPFfdUZSHYUCjts6jNXLffdO8z4AZtD5jjJsVpV3P9iZ-fyWxR8rz_VK8z_-sOo-VIulmMT59VDP9CthAVyyZ2KwbFDfWB4gd2T5xLWzgPGv-Dw8vzxV8bPvg48b9VAcydj0OmdjcfjSIAimGX3UieYQF6mWWJnuZS096L9s2pnfxdfql5ZQDQYL-130eu4OKLlPcmsu7SH0zToUx-jgf7P_QpGg5wDugGA_ADbuy-q8y_Ic1YkI84ktkqqKMZPQJsbmfq_t1anL-SAzx0_4_Sj4VK6hC_Wk8_xt8SOSC5r6xfPM3HofNwSZjPROUBKyPTUWeZG-bn65WZX-ftfNzTgxg20NJstvCDUbpg0pRC0TU2GghsaODz9_oujtZb8aCpBcRg4odv7WKt0MxUrQSw-2bUD2wKCyJeD2W32RJNH2z4dTc70N5yXi1m2lHVZnqeDmLxwbmFBO9ihVCS083ogYM1bxt-xQsvsrNixpfEsUMRRYg48mWMbectfLx1iCQZ8H4F7e6--OYvR7kS_kpxQ9As4WLTgIolyTnyRWBtxEYDMs2hFj2jaewYy1KK-eWeaKoHEvChuBruzH6JCKzjB0Vmq9SfhgOJV5g1lSXKqx-5-noCz3_lb5YUNBS1X7Eea-d2rs7siNY2BVB12_V9BOu1RSvYvAprn33N_s2j7-0qTP9kILI46m1m9p4skFjIwMHpgj3zNRlC6yaZj-syRfM2P9GFPpjDzUfIzp3fMp5QyTy2g0p74xKnrXr1JCp_H3FaZhPSMps-vUP6l1bUQmvr7b2g7fnzugDulgoflifJz-FYntS7R5CMb6b-kljZHhYzZItWE5ffkRIFOxvwUHAS6fP0o91Pwv4dUrcOynIa8HkixfY-_J-LAXSQdU0WLO_iTEGOtDFzo9rSoV-ICW-8udqjAZqMx0_vuz2oGU6gZkgBKHM1-teWqFH0km8IAq7GdlmCEdA-WCNPdjwcbhbG7zQJF6hFQSUo1yMCVMpB6GKWzXjb-QFTCNG_8I5MYKmzzs4Cj1Gt_4QAJmtr_A1eXIh6wC8

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 12EA 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=99823bb9-7c04-019f-1262-a025d8444f59&tv=%7Bc:lmK7FD,pingTime:-10,time:508,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xNzAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692102461441%7C%7Cb7f7bd16398b9518eb6ea2c53ca2299e%7C%7C37d7be34f85ebd2dc555d2e13b92cc86%7C%7C943cf50fddb48f58c523bba7d9c50542%7C%7C096ada62364c9f787ba8961942912052%7C%7C2c1f9ac886f910213aa5fb0ec0111468%7C%7C80267efcf996eecbbf037443321cfe89%7C%7C48aa72a9a84ddac17a477d45749a5613%7C%7C1663701684%7D
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 104D 111 KB
39 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 104D 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/65089096/xbbe/creative/adj?p=APEucNWJqmMVtyAonGie356Qit_HxN6IfhoFsFrqfJ2eqNsfF9f4hb4&d=CokBAKAmf-CIJ9fuBpXpaRzCkCnRGdKbHKxhUQc9CPCvaJx3UoSJxhy1tlO3mntHArWciUmuoYDIyp3UosBbElPWebmdf9tiOkZaKFF5CpeasCDKcNtQNt60fjHNvOWZ0AiQw0Wu_xjyyTKz75Kb--oJnSZ1jdGZCZvH6sJRZtBaK9e6yk9Gnzt9LZQS-RYAoCZ_4KwNpNbRZfZHZZr0oNA6BvNzeAzQbNcBJnebCD04XJt9DCMWDqwZu7146cyRgdDiC3Q72ZcGrMDJu1IJg7H_0T59L1izSPQ89o1BeaTnid_7mjkEryu9476nbBpJBcEIkeGKxt9Recd2ptNZdchvle8_lnBkFjHzCQd3uvSuecaxLHgRkLpgBAYH9hZRpComhrBEvzq2V1Yv9bc0dXtaCnk932kLxR6FEJd3hbW1A8MQwez1ddKdZcGN2P03aMQY9vtz-TIwjWuyHzHoZu36TvtRRyskOgBUPfMTRkWiMVN8kFt_ZPKUO6atN8zokoJtZ6yFbWUfTKkpSMXAn9AbXJ1Z9Ge13XwCYmDVkWGZjK3mqlvsLMfq_y5Gof74BjCqGdWqdvm4dcUD6iCeICp8ieX1kYp0vLv9rPvmO4vFgYhUYwwXXsipgtNOga7XBMX-_QrrrqHfPN2ihBLg--x64qRm999dfZdGQO6ICB0fGOeNELZia4LbB-gmC_mAPuPBC0blzJL2WPGBD8ye2VVM1YHfA3m-oWM083gMWm5HxhV4qMWZzB5_Qydhp9mhm6IBOaidwNOluv7r9-qb2-KOW5nUfZ75aHjqgPrGex-5x4O3pub8AaTJnI_LPMp1NCwgLnJo0nZhur2dvpIYcJqUqAGlbf__HqbmHoZmlWlP9s0qvrEXP53dFX9gFsGpm0T_WrYaVfdlfrHGHtupRIZP5f-0odmP_iCd13xOdIpehT5CXK-tg9SogPc3gChiRXbm-H8jV1fknVG1MPAPELQDJ13fmxe_Npqv3fXNbeUHY7JFC1KGHaEitCMPriBohe5YjoMiINpnOqVsTRbd9wIa8HoxEuTcLw26Kb7g9aozuDfkfvNNf7wG64JWcyWS6TiEMWyDkZTvxx9tj03f6L75jmDBcyVhbUUBKKbIowcfu0YvhyApmzhXmbZL2rdn96QfYN_Fmsg4lbHrr4Rxawu00uajElUROOtvMu5bte85wEdQcmSRF7wzaoXK2-s3Oe6CYROMc9zYUwTa5XgLADmAfvBL62PWWAvGifEdNYWjwm4jMeDNfvWSSQ_rjjNaZk37dDy_Qagw4KQE0i8LXp4oP-UROTo2OpcvJzJH23hIhMR7Ir5I8kCiK4abSCfO0YF5d6uPGnmC--7vYGTUEDz7ULPVzge2EsIfjGg636QIqE5CogsT8-g2_jbzn6h3dMWzjo2yIQnV_mPQGKwGsh1oDWAy-8ySbP30oaTyezdkuKJlawblzSCLCpUYmMGhjibz6sWwLDYWyKWAv8c3AQB12K5ore-B5C8qK7uy-k5J9WW19A947U9n3jNC3jpE3AsiGHBThUGgY68boU71n6jcQ5dfPnCnSRx6wlbW2Ch91WQBUSUvaOxJyAJoLzwrinmkjEKWMFrJL2KUaNwTb_OX8SC0vK9Y5DwYVFXnxn01XBTu9-ba6eYfD37xniEiFgVcEsGGvBo_-r0SAoVrxQ162JpRTFROVIFelWA61ihnhICbsHcktlx_mLfb_O5lnmjCDyYgI1MrBMJf_c82SO2V85_Y491w9msNw7Alof4kr_lxLeXvTt8ZoWFfdsY5z70ZW2_t9hFKKMrAcH-gYZggDHQiHPJyl6WVYJQiqc8bo-RTqqek3G6mKuZw2XFC7B9b7lE-2ZDbso9f5UcBmiPmUJkZpRdKVCwJzDjy0OZ4Tfm5ab7c8_P7N27kALbhL4QiQpaCJxnscBUMfbSiiC-C9VDRchyUidpphFZDX6L-jJscZGmgb52cYcz04dFyw4BLsNkT9bxj70jH2ZLeE7XdfYN49GeYPkuYZ6IYvTZX2JPL8FTrG4WteXXNJzSd3t44jot3F6FK_amZ8QRNgXeuEyyHwrGKaG4nA2x5Y4QdCOYjtAQ9qmsFNAAkgCMxo-2j1WDeQqfDeQzmKdjiRsf6PR2u1b2PrDcJOLLk-PfiE9vyP7We59RHKDGgiNlheuFbyUUSowV-JS48cisMoh8w_dIKjesNjfYjhTw_Ew-QpnJkPgiKBgziSywGSmI08AjChT4F002L2ShKmnCSWySZwAq4dwbr1P6qlCYsgDZ0mlXGuvpzc5Wuwm7BBpsYlicbWro8S2AWvquMURrmckgyzv5G2O0nddfQ4KXjPSWT49kwgK5HDkVnpANRfESfjeFibS-rp0PA3A5tXWD8a9m3S5AliGoW3leGD1Oo4kNAfv5FacAwVgogczdRdsAybupx6SLTBCYQ9rK1KUmxfg8Af8KHFDrgxYzBXiKK0pyj0VtPekKb5ZJ0jMHVLBO-gfnAydNqgygz9GtLlyioCnucgIHHQDi2mZXXrTeOAWPye3BJaTV8dyGUgttwY3U_mYkvqlFY4h5h3pU9hSHBxrEVIlUB4OGDPVcFWb5YMuw8Yg22Y-f3npH-tb0eHUO2gYi9vprB9laxNvYMBEYmrkPQzjLUN0nU5Enve3Rgrla-TT357djR2n2XwYP4YPRaVOL1TeiY5Zv5rB2Jl6dIFJsOottetRB6m8oy6tOf0r0dz_GKZYhtNteZbdDipxpp6Vap6E7fB7iQtKRQ2WOSd_9-qPeY4K9_Ypn-NCPpO_mP6P6no-SG3nffmh2uJHphV7AKuXbniP1zrNFYpyeG5vx8JyoZ3Ioxn-y2kCwkFBdaPWEWMvR5Wx5zVqZgadz6Sys_LcFIOrcTuZXIxvjDGU1fSLy6GbzlEFn0COzWzFPZG8JEi82ip28kQulSu90_LGY3-Q3jk-dNy872SHepUATZqfBWaxU1lFAxbQ0PQw1B3DlHyE3yZUMr_aU48Y8-vWsE9HkvjBm354i149cNdMmDG7Wb-nHZTsd3uU_Lw3zPx-vOnf0g1j5Y8Il6VJPW1rrKUB0EA1g_gUAo5FdnZ8sP6Fusdd6pl-f0iMmMzRPdkHAh0VELty9qtIruJ7qCacRvhnFmIDMRohgel2Pgt765GN19VkbG3uQzbBcnMF-deyBx33zyBmFVXr5Yvyxnh2-XJfVi1YIpKSJ-frI9wxRM8mqcpfcCX2pva8yV6hnJOdOuQiDwBAJ70cM699ttAKyb7SW75misEN7rWGW43AFgLilPwPrG3NORHIJxbAYD6o21Q1JFm3lMDsVeFjSwJ1KmPTO_f6djnWwFm5Adg42RYPnMsjMxwC6czJ0eVnRtknjBBFoX4nRfU6D3BfJhaIQoH4fAhBsheLzT1rNhvNgQU7PuHqIHcvV3BiWTJ5GbpUPnAFoKMnwV1LpSSbdap_7s290B8BWmS5-RAxAd0Fzn8FnYi7YErv7uTwR3BhBPdstCu3a2u91yJOwAohWdLdD48lanJm6yzXp0USCWjDkJE9EvRtIlt5DKgT81uA-NNmj79Eq6X9yzg5wWa-cts6IpzDPYRHNpSh6SF6VaF4K_3SvKeFw0VWbbmKICMpmkYK8W5klQpqzkZJrYRaTs2DPHf5ikz_4MLjfkNDqidPZl0iJzPGrGBNbvJ-osj2MeIpV8bYcvJk80EWbIwd_5oFhR-RZvXTFHKrh8vPs0XMZ8W7irIcnlM5s0Oey6e2K_Y8GzLOdom51DFWC2f2MwfaGd44t4Rdw3qPuw89Y5k4WRQyb9egP3OP54v6LFpQHrhsbjNY0zf6l1FDgMCxkNPAiusoAZRu7iCmHmyFxzhbbuh9_9ffHeqMiLJ-LCjRD7Ck0DTReI4cqNx9EwSlrBUDt_W6LGIAenOGUfbZHAZV-k4n-Bc9vDqbo-0RgxRgGO5c_LlM1SU1ubylnE-W7hKv6UNSNNqQcir6eb9oGAm2O0qOrZ2OtNXmLceETPYQu_v6lgl8mYLcqlvnFZB9i2GiNfTZsaNFxdAkJWKYf6KEAe5fUufVzvlHgGKPljHdbRxY3iORPi1d_qqU79I8soaIo0H7gtFLwaLwgEEikAaQJSVoKshJk2LKxn5E_aR-YxKzWodMA6h3opo8EvgL008mQsItKGUhgBYAE&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=20163094551&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jhuH0CmQL9KleePtliPKfu&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1447540957213601%26output%3Dhtml%26h%3D600%26slotname%3D6019623105%26adk%3D760889125%26adf%3D1610234907%26pi%3Dt.ma~as.6019623105%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1692095258%26rafmt%3D12%26format%3D300x600%26url%3Dhttps%253A%252F%252Fwww.oferlo.com.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rh%3D600%26rw%3D300%26sfro%3D1%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1692102458275%26bpp%3D5%26bdt%3D241%26idt%3D188%26shv%3Dr20230810%26mjsv%3Dm202308090102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C170x600%26nras%3D1%26correlator%3D2708358061136%26frm%3D20%26pv%3D1%26ga_vid%3D902450206.1692102458%26ga_sid%3D1692102458%26ga_hid%3D1258383018%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1245%26ady%3D167%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077018%252C44799955%26oid%3D2%26pvsid%3D4424351942008326%26tmod%3D559232684%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3D3qsNKXFoI9%26p%3Dhttps%253A%2F%2Fwww.oferlo.com.ua%26dtd%3D190&adsafe_type=d&adsafe_jsinfo=,id:59bcb299-4085-45e9-4446-66d74fe7eb85,c:lmK7CU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-f9f8cb9c9-rjb47,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tN0lu5m+11%7C12%7C1311%7C13121%7C1313%7C1314%7C1315%7C14*.1135760-65089096%7C141%7C1511%7C1512%7C1513,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:20a4dea2-3b67-11ee-9697-aefa40799979,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 02:41:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 104D 30 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 02:41:35 GMT

GET
H3 200 Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png
s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/ Frame A889 171 KB
171 KB 7ms
6ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d11c785821bd86b30aea41f9a1e7c4b38009c49bac5785349730afa8d9bec544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15413652861070916479/DE-DEU_XA-10_0_160x600_BAN-A_HTML5_BOFU-no-SecuretheEnterprise-ZTHubPageBanners_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:46:19 GMT
x-content-type-options: nosniff
age: 99682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175354
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 08:41:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 08:46:19 GMT

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 5282 38 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 06:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 06:32:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 08B1 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Wed, 16 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 104D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9671de4d9601f57c69ce5939af0caecbed425c17a8577f1999a98be494044331

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 99FD 164 KB
92 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bf1c17843ffda7158ed240fb270f1d54bb3791881d31fc64db44e187da93c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 108194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 94012
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 06:24:27 GMT
expires: Tue, 13 Aug 2024 06:24:27 GMT
last-modified: Tue, 07 Feb 2023 18:29:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 104D 0
0 48ms
48ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQERq2P8n_N9eRCpL2T0g3WcTJFKDhoLFGXcGvCjRXIvRHy65WLbiyDkoa_iCJw89lD-5cqSmcI7VQFHSPMuQMsK1_gFo4YOab0FewhgP7UvxiUz8zy_voC4CV2UxwWEDwt-qdUOFi9rqA0xvQFVUopP_oCFHPksV4gFtl4a2cPZsfrReJ1_qcioBvEY-escCGx_vqb-8vncfGHI5yUJ7PJnE&sai=AMfl-YRqiTQn9_WrP6L_4SIT79IGdGOPIr_QPdqCIgsodF4fQeIFSryNLM9ZR1JPx2OhRGFORxlkGumv5QDJ0y-Pgx8LRTfRD-ezuA3778KODyu8b_ZSvewW2hjTpxknLeVfkg&sig=Cg0ArKJSzILp6huu0I3CEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=61&cbvp=1&cstd=60&cisv=r20230810.65713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08B1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGwLvJc18hJBDCP_ijCYLxE&google_cver=1&google_push=AXcoOmQY9AbCbaudP480ZSf461PBNijAkPqDe5t98RrJeAx5hiUrS3g3aJ_lfFGz1kjvTfCLjbSMiapssXDvikuv...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQY9AbCbaudP480ZSf461PBNijAkPqDe5t98RrJeAx5hiUrS3g3aJ_lfFGz1kjvTfCLjbSMiapssXDvikuv7DVR0gQjSrP0ZA

170 B
188 B

29ms
28ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQY9AbCbaudP480ZSf461PBNijAkPqDe5t98RrJeAx5hiUrS3g3aJ_lfFGz1kjvTfCLjbSMiapssXDvikuv7DVR0gQjSrP0ZA

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 15 Aug 2023 12:27:41 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x33 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQY9AbCbaudP480ZSf461PBNijAkPqDe5t98RrJeAx5hiUrS3g3aJ_lfFGz1kjvTfCLjbSMiapssXDvikuv7DVR0gQjSrP0ZA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Aug 2023 12:27:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08B1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHaMb1IhrNpQwlmm7CALqZY&google_cver=1&google_push=AXcoOmQZdqWwRGf3tjl5QRCxfK4voTAT7aVptHY34FbdPyPQGrJyEKcBrPirL1OD78pk_4XurBa-xAy9dQveHx2ZDFnn2NwvPbAnkQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQZdqWwRGf3tjl5QRCxfK4voTAT7aVptHY34FbdPyPQGrJyEKcBrPirL1OD78pk_4XurBa-xAy9dQveHx2...

170 B
188 B

29ms
29ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQZdqWwRGf3tjl5QRCxfK4voTAT7aVptHY34FbdPyPQGrJyEKcBrPirL1OD78pk_4XurBa-xAy9dQveHx2ZDFnn2NwvPbAnkQ

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 12:27:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=80B30D3D6DB542A597116C266D4F250B&google_push=AXcoOmQZdqWwRGf3tjl5QRCxfK4voTAT7aVptHY34FbdPyPQGrJyEKcBrPirL1OD78pk_4XurBa-xAy9dQveHx2ZDFnn2NwvPbAnkQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 14 Aug 2023 12:27:41 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 08B1 70 B
264 B 29ms
27ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGKa1jVAyQGEy0NbmacTVpM&google_cver=1&google_push=AXcoOmR4M_usFK-Rnv3NzlFSOJfQUleNHH9QSuPH8zZNMUydPSyX1Bjsu28OXao8uDUiR3YaXyuDOeyzrBesjW-Xpd6KKJeTIQgFwg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 08B1 0
174 B 36ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDnZV7H6zjq-Uv9dVIUdFZc&google_cver=1&google_push=AXcoOmSKhJExXFYA7KVKe2xHrjU8KhxotODW6zz9T0Q3O2IJDYlKwPunDmF2_ewQjMKuXm1kvX0z_5fHvsWNDUZXxFAJeFet22uBwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1692095258&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692102458275&bpp=5&bdt=241&idt=188&shv=r20230810&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C170x600&nras=1&correlator=2708358061136&frm=20&pv=1&ga_vid=902450206.1692102458&ga_sid=1692102458&ga_hid=1258383018&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077018%2C44799955&oid=2&pvsid=4424351942008326&tmod=559232684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3qsNKXFoI9&p=https%3A//www.oferlo.com.ua&dtd=190
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08B1
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED9IEIH_iO47iufNjuElpUs&google_cver=1&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMyw...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED9IEIH_iO47iufNjuElpUs&google_cver=1&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxM...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMywkFK1Z

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMywkFK1Z

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRu_jeRnVdrdek8gK46VBV4G7q6au7ykRhbkCzzngDuwEMQH-61_XIT8KfS9_TqTs6i2AeAgI0C4gpDYK3O3nGxMywkFK1Z
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08B1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPrmKb0dEhxe54Toq0WBHEQ&google_cver=1&google_push=AXcoOmRYpRGSQ2TGbkcXQzn5cXV7wHCBbr7grVsrVQ6iXcL6u31ayr55K_uIlGNXJHbiwrYqrEZiXv2t...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmRYpRGSQ2TGbkcXQzn5cXV7wHCBbr7grVsrVQ6iXcL6u31ayr55K_uIlGNXJHbiwrYqrEZiXv...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmRYpRGSQ2TGbkcXQzn5cXV7wHCBbr7grVsrVQ6iXcL6u31ayr55K_uIlGNXJHbiwrYqrEZiXv2tHty6Z6XoRzmqgTxp_NpKoA

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI5NjE5Mjc2NDUxNzk2ODgyNA&google_push=AXcoOmRYpRGSQ2TGbkcXQzn5cXV7wHCBbr7grVsrVQ6iXcL6u31ayr55K_uIlGNXJHbiwrYqrEZiXv2tHty6Z6XoRzmqgTxp_NpKoA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08B1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHCYOymS78goBZqKzKNmwWg&google_cver=1&google_push=AXcoOmRK1buCl63h6jYaNETyA9jpsewlYtc0gwNKHkxqRLsCEJLBLI0ckE5GmHGBvT2UepzYdvBp97h9mgaq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRK1buCl63h6jYaNETyA9jpsewlYtc0gwNKHkxqRLsCEJLBLI0ckE5GmHGBvT2UepzYdvBp97h9mgaqy5Kttqk2AhxTN_8jSg

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRK1buCl63h6jYaNETyA9jpsewlYtc0gwNKHkxqRLsCEJLBLI0ckE5GmHGBvT2UepzYdvBp97h9mgaqy5Kttqk2AhxTN_8jSg

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRK1buCl63h6jYaNETyA9jpsewlYtc0gwNKHkxqRLsCEJLBLI0ckE5GmHGBvT2UepzYdvBp97h9mgaqy5Kttqk2AhxTN_8jSg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 08B1 0
12 B 26ms
25ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LseSDi8s65lhZAszypxymU-PNn330OJES1n81PK7x5seidA0xYy9YorceNCes7wJKRFoKH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Cisco_Logo_no_TM_White-RGB.svg.js Show response
s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 99FD 2 KB
933 B 7ms
7ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/Cisco_Logo_no_TM_White-RGB.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bb35db9f4c936f90d08979bca2b96efdc4c1f65a758c1bde577e53c70dba26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:29:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 03:21:02 GMT

GET
DATA 200
OK truncated
/ Frame 99FD 73 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 XDR-GettyImages-1080277602-1.png
s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 99FD 168 KB
168 KB 7ms
7ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/XDR-GettyImages-1080277602-1.png?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da284a604cc6eefc8420592fd5410c332052e4c666be549f316bee46db6db429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:21:02 GMT
x-content-type-options: nosniff
age: 119199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171637
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:29:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 03:21:02 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 104D 0
0 45ms
45ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQERq2P8n_N9eRCpL2T0g3WcTJFKDhoLFGXcGvCjRXIvRHy65WLbiyDkoa_iCJw89lD-5cqSmcI7VQFHSPMuQMsK1_gFo4YOab0FewhgP7UvxiUz8zy_voC4CV2UxwWEDwt-qdUOFi9rqA0xvQFVUopP_oCFHPksV4gFtl4a2cPZsfrReJ1_qcioBvEY-escCGx_vqb-8vncfGHI5yUJ7PJnE&sai=AMfl-YRqiTQn9_WrP6L_4SIT79IGdGOPIr_QPdqCIgsodF4fQeIFSryNLM9ZR1JPx2OhRGFORxlkGumv5QDJ0y-Pgx8LRTfRD-ezuA3778KODyu8b_ZSvewW2hjTpxknLeVfkg&sig=Cg0ArKJSzILp6huu0I3CEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=128&vt=11&dtpt=67&dett=3&cstd=60&cisv=r20230810.65713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 75ms
61ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe4ae05ae1672a83951f379451a6af5100b03df7f8fd25a391636e8e564bb756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11859
x-xss-protection: 0

GET
H3 200 XDR-GettyImages-1080277602-1.png
s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 99FD 168 KB
168 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/XDR-GettyImages-1080277602-1.png?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da284a604cc6eefc8420592fd5410c332052e4c666be549f316bee46db6db429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18228283840340270104/DE-DEU_XA-10_0_300x600_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:21:02 GMT
x-content-type-options: nosniff
age: 119199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171637
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:29:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 03:21:02 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 104D 43 B
215 B 94ms
94ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=59bcb299-4085-45e9-4446-66d74fe7eb85&tv=%7Bc:lmK7IQ,pingTime:-10,time:396,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xNzAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692102461640%7C%7Cb7e461ff318974339526baf09976e94e%7C%7C37d7be34f85ebd2dc555d2e13b92cc86%7C%7C438f6082126cf92e97bad49ec6eab1fa%7C%7C54785bcdc4c1b5cf7b56a48c389a869d%7C%7Cadd329edfda41fabeac4e2da643331d6%7C%7Cf5a22e16938687c7994e626bffb38419%7C%7C09b1469c1ca6303625a2d9ee86576c42%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 12EA 43 B
215 B 95ms
95ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=99823bb9-7c04-019f-1262-a025d8444f59&tv=%7Bc:lmK7IS,time:709,type:e,im:%7Bpci:%7Btdr:536%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:709,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B701~0%5D,as:%5B701~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tN0lu0l+11%7C12%7C131*.1135760-69474494%7C1311%7C1312%7C14.1135760-65089096%7C1511%7C1512%7C1513,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:173%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 314ms
314ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 12:27:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5282 0
20 B 111ms
111ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv0InPW_bZN_wCq-NjuwPm8KLiAYAAAAAOAHgBAI&bg=!8_Cl8KTNAAaiGN5Pghg7ADkAdvg8Wu5ME_gMltxsBXzrj4DKcXzeRaMqkrBk_YRZXIYKvwhrJh5sydUcFJ7x4rDwaJ3aC5RhwMgCAAAAkFIAAAAHaAEHmQLu96W7ENgKWOX6B_gQRlW9ezShsmHf56z71-zQAFjvI4x2MFUtG6cgoueT2DiW78n0oiJW34IDX90ZmirsLa4vu1o-UnQubmtr6Tqle4PxizyrmJg2oDUuAx4JhibidlhrCjcrsB6FdnahVDJBSrhdg3hLpWu1sdGn3wgLgpxuWkuKBswBb6WZgw-Le4O9aikTyjmzlNITKkgkFApnitkEafpLM4ZdnxpKmSzdG_j3OiY9pZv2iQnw0zRNUby-RhPy1Lt4YMAmM4RTH7jR9RTIzg6bd2OzM3JhmGN5gZNeiltuvjRjf3SZqkJb6lvQGNZHjA-BI8eCbho6Dsfvgj2gNwKbUE42GO0cRTWK4s0GnYH1oTWpkfafbUjSIriO4rRSOzFrIHFuFh9cP0OVru5mFkOGtH29Uk4hjVbh-4rqCVqTOgc3sQ7M6_FZuJhFr2C3aT3POpXiu-6RLKonMY1vqwjSkbqunVA_FjnwfS913FocCromkHmNiRp3IZ3iNCtOnGc5tYhqJzm0XB1lS9TJbNkYxTD7YHytdFcEbIucqv8v7DRFc5U43jhbjo73d9ou1BLzSuzU05XrkxNe_59DwLUJaqALxg0rE6ba-7t5Aq9ZN-kY8abHbkXdIZkS7gdjMBcHZ0UU5EMECo_WfeY0n4jTE6zl0dUlxUIhj6otbXIHvQDjRuOqleYX2JLd0WziCAnIPyzEYaglDDFGpqHdlNJfpFyJ-MMLIBRhg3B55NCO6Et-boSW_6UmNMD4SkIw0TSaE5UdCNCaVucVHsBKusLfIm8LHyfIH4ERt5bONadh8l7GP2ToKM0OthsDGu8aLXNM2mduoAbFG4C1j0-rDRwTKoyg0g8rVa5FDDXVIoiLm6BXbqo-oPWtSB_S5L4_QYqR10N7ptXvGHdPAvnFXHvtwWwIRmMp95kYIN8jgzjCi8Q-qcCyaTiggNRsCWwPJrZ2ez2yR9y_alzhqKwMQRaVUtJEo1DQ_OW9kiPr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 104D 43 B
215 B 98ms
97ms Image
image/gif 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=59bcb299-4085-45e9-4446-66d74fe7eb85&tv=%7Bc:lmK7Lz,time:565,type:e,im:%7Bpci:%7Btdr:510%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:565,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B558~0%5D,as:%5B558~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:97,fm:tN0lu0l+11%7C12%7C131.1135760-69474494%7C1311%7C13121%7C1313%7C1314%7C1315%7C14*.1135760-65089096%7C141%7C1511%7C1512%7C1513,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:29,sis:207%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:41 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34DE 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:58:48 GMT
expires: Wed, 14 Aug 2024 10:58:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 34E0 831 B
556 B 21ms
20ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7bf9bcbfa6d1b23679575107e2e55d088eb14c0cffc9e3e1f100129742901a81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WHmLRTgwDAu5Rj2eGBz0lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-WHmLRTgwDAu5Rj2eGBz0lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 12:27:41 GMT
expires: Tue, 15 Aug 2023 12:27:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 34E0 0
0 106ms
105ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=4424351942008326&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 34DE 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 06:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 06:32:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 34DE 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?T1grWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 12:27:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12EA 42 B
64 B 118ms
118ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY94ARQ8ywpxb1wklMis9064-omJ8RmxSs4yGgZdqlI1uWTzjWG5enk-kJx61RzaMfdoWK9o2Ds9vQG6KSChv7KqixxQDd-wQqI3lsaZkihi2J17KAJaJgOR3RV6WCz2K-1ctJPHJNl68T&sai=AMfl-YQMYnD3DfBiLxk73uqmQK87E7jxlJp4FeCJL9ZuUgo1GYYembBwRvEVxwHpgWDMuLe8cbsLPeBd6NW2MpjzzmeRklZVPglT6xI&sig=Cg0ArKJSzP3q47SDMDsBEAE&cid=CAQSKQBpAlJWB4H_DCbf2MCwhabpCk1lkRKmi8ShKpvh3USf5_wttQHJzB9xGAE&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3122728471&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692102460725&rpt=419&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12EA 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1484645534206&version=m202307240101&ct=76&x=1&cor=6308277497056462000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 104D 42 B
64 B 117ms
117ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTIPse1yNzHtJO72eegiX_4f_vQ1UAaRAufqeUWiAed92yxqnrEMHZ5YpfFnR0c3KSWDh23tajD8ydLhJVRpAxvRFSrKotVha30oPG4CtwVgFxHMrO4zDNrCGFQnYs3vNOiZ9DwuGTadUH&sai=AMfl-YRv83uXzjGHtRorbZFJymL_yWdKddlXWkyE8FqXlqLslUbM1ijyUSocYYzRkmM6pO94bD_WN0q4FhpBOQMVlNFirm95GZlHB9c&sig=Cg0ArKJSzNNq9g1X1vHrEAE&cid=CAQSKQBpAlJWgqyEmTYsrGfkT9pH5jErNah0wDqHeimjwS-AvTTyZCwi0oZSGAE&id=lidar2&mcvt=1000&p=0,259,40,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=760889125&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692102458466&rpt=3015&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 104D 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1555213740500&version=m202307240101&ct=76&x=1&cor=15025164491024753000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 12:27:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
110ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=4424351942008326&bg=!TU6lThrNAAaiGN5Pghg7ADkAdvg8Wr1xSRBdsfKCysVawphdhSpFJzKyGFb5iry-ILAqoJd5yOUrpVOOFTuCzIfgeprZ7BabDoECAAAAalIAAAAFaAEHmQK-7Z-9pKl2QqpfrpR9COG3BOWZymPxEQmUDGPgrJnnoiAASBFFZ8d8AmPL2c8-UyA7EefJWqxloVWAjcvAwVPo_fEICPiIyGgq5RWwd4bZXS7j3Pl35Ard4INWuC_9M4fD94qobVpJGCYOEO4G_L2Fag4H6YFRpLGJx6CTIzx4qGlq6oAA6bJRQwYNeIfULiCeD67Ew8mMilah8feLKflF4u3DlMZ_oxoT-mghiK-3-bWcSnWVRAq248ybKcUQt0Pw1ZyotOjxV4HxnwGklMkZbLaHqxPM_gKVEatQYzU-qKwBey-35eYJWhBZyNQ48KhfSc1_JfseGV8G_zpJQ_773bKTBDDuA-Xr2ChWK4pbx_oZ-7z81JhSh2zw1nYJSqMMo6zlnXpNnuK_C5BL5PcrnY1bvvZNv_ie-bZ12ULcf7kSGTLlh0OyOn2e4s7-SpXlo-B3FR22xybN-ieBpgiaX1JnZ_QjcLH9YUfqbYzSsca3H9c5oQqSTv2cZKWSlysLRtEjBZy3qev7b-eNd0HTMQNRkO3Ryt0DOFj7g9_tH3_dUXYgun0_DfxPOXdOVk5hbzidhab6rtIgBCMxj_5veM_t45-D8RnMnipX8UuTb83TKX5gcO_Xb9r9eytJMxG9iS_xP91wDNfYzOXAxaTHyjwGSKQCnTRUrPazsSO8g-3taHUzxisHo9Yj5UOWLAxV6NyDomkhkooXJhSM2WEeBZtGK7iqvL6Sr4N7uOc-cxvQHISahmfBsqiiVxvjLCeog8FYY5c_EO_mwcHGB2kwda9ORX6PSWvquKx9E_6Ya1dtEACAP_OQWT0vJkJrHOOU5IH5D11Skz_6D32bpt2ijjSicexK1cI2-aJJSkOa2Qu0M7Ngq81Ubt1R27Z3LaekxxixOefHA70SfbVp-OSmADriHDiR_YCv6P8p16-f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: kc8ldjf48rr429nb0cr8svd18t
www.oferlo.com.ua/	1970-01-20 22:47:18	Name: SrvCch Value: 0
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: _csrf Value: d7fd0e10865e8a98c29cfd05e618464a38f96e895d58cf8d684d299a49ae05b8a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%225Z2ltU0-CP700t2o_-uHtqAyzEdq4lHr%22%3B%7D
.oferlo.com.ua/	1970-01-20 16:11:18	Name: _gcl_au Value: 1.1.476190913.1692102458
.oferlo.com.ua/	1970-01-20 14:03:08	Name: _gid Value: GA1.3.2075383794.1692102458
.oferlo.com.ua/	1970-01-20 14:01:42	Name: _gat_UA-24834420-46 Value: 1
.oferlo.com.ua/	1970-01-20 23:37:42	Name: _ga Value: GA1.1.902450206.1692102458
.oferlo.com.ua/	1970-01-20 23:23:18	Name: __gads Value: ID=d927e1dd1490f2d1-2293031096e3003b:T=1692102458:RT=1692102458:S=ALNI_MZNKr3zWkvxCLqPVcdM49A1g_LKyg
.oferlo.com.ua/	1970-01-20 23:23:18	Name: __gpi Value: UID=00000c609f8bcbb6:T=1692102458:RT=1692102458:S=ALNI_MYXifG7WpUR83gd7I2QzbYsw-na8g
.oferlo.com.ua/	1970-01-20 14:03:08	Name: _uetsid Value: 1f1d16a03b6711eead10416a40486547
.oferlo.com.ua/	1970-01-20 23:23:18	Name: _uetvid Value: 1f1d40b03b6711ee88dc4ddad1bd7409
.oferlo.com.ua/	1970-01-20 16:11:18	Name: _fbp Value: fb.2.1692102458481.1547495753
.bing.com/	1970-01-20 23:23:18	Name: MUID Value: 10B0C123C38F625110F8D24DC2236371
.travelaudience.com/	1970-01-20 23:33:23	Name: _tracker Value: %7B%22UUID%22%3A%22381D0A0C-148A-474F-85E8-BBB35EC0A1A7%22%7D
.adform.net/	1970-01-20 14:46:20	Name: C Value: 1
.adform.net/	1970-01-20 15:28:06	Name: uid Value: 5296192764517968824
.doubleclick.net/	1970-01-20 18:20:54	Name: APC Value: AfxxVi7zB0yHERnmVrKxsWkazQCk5eniOrXGge8WQ_bW_jW72GJ6_A
.turn.com/	1970-01-20 18:20:54	Name: uid Value: 8678265245863580159
.tribalfusion.com/	1970-01-20 16:11:18	Name: ANON_ID Value: aWnt6ZaujieEo7YxU2mxDp7hZchxhZb739t7Udft8RG7kCVmZdXAZcs2GqTPdZdMMaZaa8J8RFTguuxMu1nXPyTecdHi5vG3ZdCC
.casalemedia.com/	1970-01-20 16:11:18	Name: CMPS Value: 1220
.casalemedia.com/	1970-01-20 16:11:18	Name: CMPRO Value: 1220
.casalemedia.com/	1970-01-20 22:47:18	Name: CMID Value: ZNtvPMUz3mWLpG-fdJL3AgAA
.adnxs.com/	1970-01-20 16:11:18	Name: uuid2 Value: 1004766526751881239
.doubleclick.net/	1970-01-20 23:23:18	Name: IDE Value: AHWqTUm2-xI9fNWMYxsRFNLT8NHaiocVm0pjZKOfIVgToPWkaKfXYU6It5uB09_DZ3U
.adnxs.com/	1970-01-20 16:11:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il`hlE(%!]tcZ8i_iqf!oN/@E'zz<Z0Qms9Zx<=8qoI[`avXOO0<n3=-.J'>juu^MR7TD._PlZ[C[-kX-J+e!q
ads.travelaudience.com/	1970-01-20 23:33:23	Name: _tracker Value: %7B%22UUID%22%3A%22381D0A0C-148A-474F-85E8-BBB35EC0A1A7%22%7D
.ctnsnet.com/	1970-01-20 22:47:18	Name: cid_b1a1e5f5faa94c25835def52ef87dfae Value: 1
.ctnsnet.com/	1970-01-20 22:47:18	Name: gid_CAESEPqxxXAoS2ybi1zHYqPpzBU Value: 1
.simpli.fi/	1970-01-20 22:48:44	Name: suid Value: 80B30D3D6DB542A597116C266D4F250B
.oferlo.com.ua/	1970-01-20 23:37:42	Name: _ga_366NYGWSRX Value: GS1.1.1692102458.1.0.1692102461.57.0.0
.blismedia.com/	1970-01-20 22:47:22	Name: b Value: 64DB6F3DF656B729647BDD97BLIS
.mathtag.com/	1970-01-20 14:44:54	Name: mt_mop Value: 4:1692102461
.de17a.com/	1970-01-20 22:40:06	Name: guid Value: 1.5264261505742099725

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
security	error	URL: https://www.oferlo.com.ua/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js(Line 228) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua(Line 666) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua(Line 666) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua(Line 666) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua(Line 653) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
accounts.google.com
ad.turn.com
ads.travelaudience.com
bat.bing.com
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eu.leafletscdns.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
r1---sn-4g5lzned.c.2mdn.net
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
unified.adsafeprotected.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.oferlo.com.ua
x.bidswitch.net
142.250.186.66
15.197.193.217
172.217.16.130
178.250.7.11
185.29.134.244
185.80.39.216
185.89.210.90
2.16.97.41
2001:4860:4802:34::36
213.155.156.167
2600:1f18:1aca:4280:bcaa:d2d6:e75b:9a81
2600:9000:26da:1600:8:48e:53c0:93a1
2606:4700:20::681a:264
2606:4700::6812:19ad
2620:1ec:c11::200
2800:3f0:4004:805::2003
2a00:1450:4001:13::6
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2001
2a00:1450:4001:813::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200d
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:fa8:8806:13::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.127.113.75
34.91.62.186
34.96.105.8
35.186.193.173
35.190.0.66
37.157.5.84
46.228.164.11
51.38.120.206
52.19.57.61
52.213.146.58
64.233.167.157
77.91.72.156
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a
07437d0cc202db9bdd86938852b3b3278e2c2a65837e134e704ed70bcc69d086
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
0903e081ad7e73ea1b95a3ed43366fafa56a0749bb0c44a28d143d6f5825cc62
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0fd6fbc2e6c9e0e1d5246db6ea7a436657b7c597f0f1ac224c34cd7f52ab1609
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15191c2f6273d0efd9a22e8a646c3b1f77f0ea8967f14bc1a9e9a656d73bf4dc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c1e0c28137c42797a894fe2267653af646136000fc5c53cb82c0f85971a1b45
1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101
23c1f82e1e7419abc6ba79317dec0ac4912643637a0848acee3f3d5456d02817
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
2adeda96003b7a098ac241745ff521d8588b5085c01b3929c3da4643cd072c84
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d21cf8128773a8c28bd61871d4a651859255262f344d5469feda8c47e2ab813
2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972
34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0
36b43b56cc5a7a6bf4dac0d0b047f8b76b30e9497f4422ba88cc6b81a6d065d2
3b396932b11505d8bc5d2eb80c99066486500a45a38cd9b17f6949b52f83a11f
3c08caead37296d4ac999bb8253c1316e14ffb0b9f2038422a14fdff3aa117a2
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03
446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a395faadca0e06c33cd7508a6cdcd669ffd64f24577bcdcaea5ec12ebd8bd0
4a5a5e8f7967411dc8e7a25f816459da34d9aef6e1c054cff15e6729cc8b1020
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4bdee25441d23d999ce7010694fcaf06b184e8ed8b21393af67ce1b31d96637e
4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52db7ac4848fd90537f38a0eb6d43484408b15458a2f7f66fc3f5dcac8441cd0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586d91336be9aee404ee7a879af864221def5cc345eb0556f3134d45a1166280
5b2c292950e27823a3ecfda204fc0d798547d3861b2cfb7eaf50d2d641f374ab
5b747674b51e2b796c5c3f9a256924233346caecd58c6f2361f05e78431043ec
5db8babad857e8422fdace59b6eda0ec8d57d7a3f676207e7f35d0a69c071944
5ee2c2ef05d8fb011d64bb3cc15c12d233c169152e2a72b9551fa28dc7492f50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460
62fc1df59ddb7dffeab9dd553eaac7e96c20d6459a1ba2269d4d0da50c201bff
63b55e0f026ea33749f4696e188e1bdad154011702a15f0e53c8a4ed93c5f30b
6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b
710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70
7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bf9bcbfa6d1b23679575107e2e55d088eb14c0cffc9e3e1f100129742901a81
7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
82e67d47075a648c29d0b56eaf1f7fb2ee61081b47ced898b43e53d84eb748d4
844e1c6c5015874eb57cd55d8a515beff385a7bf6b97b6dac22f82ba5869c04f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e
8b7d82bdee6ed8b974edac3fbfb97a8ac156936249a943c3d5def46b2b77e83b
8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8
9671de4d9601f57c69ce5939af0caecbed425c17a8577f1999a98be494044331
97669564f0c0cbd2cb1f01d970e2dd7477f1b372a535bca516bf9dcf200f2ebd
97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2
97bb35db9f4c936f90d08979bca2b96efdc4c1f65a758c1bde577e53c70dba26
98185a5cb400e163a738c867c851868a4095b204987aad7085467a829841b759
98257f881d41a98eb04cf92e2fa5776b332562102537141023564ff9525072d3
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b
9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679
9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192
a144e5d2dfdf5e9adaf14f732c99ebd3735a9bc0af5c1defee29d91409710894
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a2bf1c17843ffda7158ed240fb270f1d54bb3791881d31fc64db44e187da93c7
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a8a199b19af88ef723e0f1e5596f66f2d1f00ce5e1bbea9e2cd1e0f3ef4f7143
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b50673465e0b107b61d72eb4c8760a6ad51cc2a94b67329a041c31fa9ed5f826
ba3478c56cbd17efde25bbe365aadd60d107fb6887d496adbf590ad24b446c01
bb163f503b1617c4f2f2c2a12d008a0c486f76355d20774f62bbf7fb0e909900
c17a993d92a702cc2d1b12adb9ea13bba9dec731119e152f7fb43adf6193b666
c1fb1e346384232cb17d28002913baaafc0572382bae5aec82b0dca887f16f42
c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c
c5214f5229f568d45755ead66df92e22ffa5160b26cd1efce1d40ccebcd5de53
c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
c7d61645f8cbb1f1dead0070107773bba8127040e5dd2f09ed979d0c96e839cf
c8933ab6892f524be2e6d987223145632163835a9af5fd3ef250f679288afa56
d11c785821bd86b30aea41f9a1e7c4b38009c49bac5785349730afa8d9bec544
d12a75802fe3c1dea1f4f74b0b83991195f3019ec675455469f1fba3589294c9
d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf
d454757e2e224ed465f7c80f698085b8c863536430701f565515674e9f4ef516
d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336
d88ff89f753d596418b13c34d4d9ccb20a5c589f132fa8c52925fb9a882799cb
da284a604cc6eefc8420592fd5410c332052e4c666be549f316bee46db6db429
dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456
e1a8f7618cec38c5e74012b1f4636cbf61f19c0ba4e2d83a7921d0d09814b258
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e533075f599c626a6121a7a013266afd39a9faf4ed25dd465c2e0d2307140411
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e594c59a4317bb60b4403164659dc29e2c7f789d82dcb4456ab615c823622ce5
e958fd55794b5a52a514dd4b7465aa2d623b5cc26c70df30a715a2cf6506d6d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ed0541ab3f6240323ff5afe4397abf79e45e0736217169388524d92814ff4d
f4fa8d097dcdf64893bf5231ff313a46ad77243e5e3a843575b4e8b92d27798e
f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777
f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac
fe4ae05ae1672a83951f379451a6af5100b03df7f8fd25a391636e8e564bb756
ffc7ec231f902818cbc9c3b1d4cc2f43f0aab9afa99c0aca9306209720b0cb92

www.oferlo.com.ua Open in urlscan Pro 77.91.72.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

226 Requests

89 %HTTPS

55 %IPv6

34 Domains

50 Subdomains

40 IPs

13 Countries

3042 kBTransfer

6818 kBSize

33 Cookies

14 Outgoing links

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.oferlo.com.ua Open in urlscan Pro
77.91.72.156 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

89 %
HTTPS

55 %
IPv6

34
Domains

50
Subdomains

40
IPs

13
Countries

3042 kB
Transfer

6818 kB
Size

33
Cookies

226 HTTP transactions
6 data transactions