urlscan.io logo urlscan.io
SecurityTrails logo

kolobok.ua Open in urlscan Pro
193.29.200.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kolobok.ua/
Effective URL: https://kolobok.ua/
Submission: On March 28 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 11 countries across 70 domains to perform 468 HTTP transactions. The main IP is 193.29.200.162, located in Ukraine and belongs to UMHAS, UA. The main domain is kolobok.ua.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.
This is the only time kolobok.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40 193.29.200.162 197203 (UMHAS)
1 91.198.36.26 43405 (DIGITAL-V...)
13 2a03:90c0:41:... 199524 (GCORE)
45 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
7 2606:2800:234... 15133 (EDGECAST)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 23.35.236.122 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 146.59.10.80 16276 (OVH)
7 78.159.118.240 28753 (LEASEWEB-...)
2 2a03:2880:f02... 32934 (FACEBOOK)
18 193.29.200.142 197203 (UMHAS)
1 193.239.68.97 39468 (BIGMIR-IN...)
13 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.104 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
7 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
3 193.239.71.100 39468 (BIGMIR-IN...)
10 2.21.143.57 16625 (AKAMAI-AS)
2 91.198.36.35 43405 (DIGITAL-V...)
2 185.187.81.41 43332 (IDSTRATEG...)
19 146.0.227.109 20773 (GODADDY)
1 2 104.244.42.200 13414 (TWITTER)
4 185.184.8.65 204995 (RTB-HOUSE...)
2 185.86.138.122 201081 (SMARTADSE...)
1 185.86.137.114 201081 (SMARTADSE...)
1 11 190.2.153.150 49981 (WORLDSTREAM)
2 2606:2800:134... 15133 (EDGECAST)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
5 5 18.193.160.53 16509 (AMAZON-02)
2 2 96.46.186.58 7979 (SERVERS-COM)
1 2 212.8.250.228 49981 (WORLDSTREAM)
2 2 190.2.151.10 49981 (WORLDSTREAM)
1 1 185.180.223.221 49981 (WORLDSTREAM)
1 1 212.8.250.83 49981 (WORLDSTREAM)
1 185.187.81.40 43332 (IDSTRATEG...)
9 142.250.181.226 15169 (GOOGLE)
1 39 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
10 36 172.217.23.98 15169 (GOOGLE)
6 12 2.18.234.21 16625 (AKAMAI-AS)
4 7 185.33.221.50 29990 (ASN-APPNEX)
1 209.197.3.19 20446 (STACKPATH...)
5 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.230 15169 (GOOGLE)
7 2.21.140.103 16625 (AKAMAI-AS)
2 34.149.12.213 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 66.102.1.155 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 3.64.119.154 16509 (AMAZON-02)
28 2a00:1450:400... 15169 (GOOGLE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 185.86.137.121 201081 (SMARTADSE...)
2 2 18.156.0.31 16509 (AMAZON-02)
12 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 1 52.29.167.104 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 35.186.253.211 15169 (GOOGLE)
3 3 104.36.113.23 62713 (AS-PUBMATIC)
2 2 69.173.144.138 26667 (RUBICONPR...)
11 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 18.195.155.181 16509 (AMAZON-02)
2 2 213.155.156.182 1299 (TWELVE99 ...)
2 2 216.52.2.30 30282 (AS-INAPCD...)
2 2 213.19.147.151 26120 (RHYTHMONE)
1 1 213.19.147.45 3356 (LEVEL3)
1 1 52.215.248.120 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
8 213.254.244.108 3257 (GTT-BACKB...)
468 75
40    193.29.200.162 (Ukraine)

ASN197203 (UMHAS, UA)
kolobok.ua
api.phnx.click
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
13    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
45    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
14    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
7    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    23.35.236.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-122.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
encrypted-tbn3.gstatic.com
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
7    78.159.118.240 (Munich, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
18    193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)
exchange.informer.ua
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
13    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
googleads4.g.doubleclick.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
10    2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
2    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.znctrack.net
19    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
ww251.smartadserver.com
11    190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
ad.mox.tv
2    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
5    18.193.160.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-160-53.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    96.46.186.58 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.mediawayss.com
ad.vidver.to
2    190.2.151.10 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net
ad.outstream.today
ad.invamia.com
1    185.180.223.221 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net
ad.adopx.net
1    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidverto.io
1    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
39    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
7    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
36    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
12    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
7    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
5    2a02:26f0:7100:494::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
7    2.21.140.103 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-103.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
2    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
bid.g.doubleclick.net
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    3.64.119.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-119-154.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
28    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
12    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    52.29.167.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
d.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
11    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a05:d018:d29:3601:b73:5e1d:a8b6:5551 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
2    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    213.19.147.151 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.targeting.unrulymedia.com
1    52.215.248.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-248-120.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
8    213.254.244.108 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
tpsc-frc.doubleverify.com
Apex Domain
Subdomains		 Transfer
83 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 118
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
859 KB
63 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 61
stats.g.doubleclick.net — Cisco Umbrella Rank: 163
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 246
cm.g.doubleclick.net — Cisco Umbrella Rank: 276
ad.doubleclick.net — Cisco Umbrella Rank: 223
bid.g.doubleclick.net — Cisco Umbrella Rank: 619
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 332
314 KB
34 kolobok.ua
kolobok.ua
644 KB
32 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 37260
inv-nets.admixer.net — Cisco Umbrella Rank: 3989
208 KB
28 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 316
349 KB
25 criteo.net
static.criteo.net — Cisco Umbrella Rank: 732
pix.eu.criteo.net — Cisco Umbrella Rank: 6760
csm.eu.criteo.net — Cisco Umbrella Rank: 6802
307 KB
18 informer.ua
exchange.informer.ua — Cisco Umbrella Rank: 634543
103 KB
15 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 612
rtb0.doubleverify.com — Cisco Umbrella Rank: 916
tps.doubleverify.com — Cisco Umbrella Rank: 555
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 11803
tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 8964
218 KB
14 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 333
251 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 873
11 KB
12 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42162
bgstats.mox.tv — Cisco Umbrella Rank: 50248
106 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 124
www.google.com — Cisco Umbrella Rank: 20
2 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
157 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 477
px.moatads.com — Cisco Umbrella Rank: 495
105 KB
9 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 824
syndication.twitter.com — Cisco Umbrella Rank: 1035
214 KB
8 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 944
cdn.flashtalking.com — Cisco Umbrella Rank: 1223
secure.flashtalking.com — Cisco Umbrella Rank: 3161
215 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 322
7 KB
7 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 202331
z.cdn.umh.ua — Cisco Umbrella Rank: 216555
6 KB
7 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1957
m.addthis.com — Cisco Umbrella Rank: 1896
e.dlx.addthis.com — Cisco Umbrella Rank: 2617
221 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 211
208 KB
6 phnx.click
api.phnx.click
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 306
112 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 380
3 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 34790
ls.hit.gemius.pl — Cisco Umbrella Rank: 9266
15 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 634
3 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1836
ww251.smartadserver.com — Cisco Umbrella Rank: 318094
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1565
2 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5878
688 B
4 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4057
1 KB
4 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 91945
i.bigmir.net — Cisco Umbrella Rank: 182449
2 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 842
2 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12693
ads.eu.criteo.com — Cisco Umbrella Rank: 6808
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8959
53 KB
3 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 621
cms.quantserve.com — Cisco Umbrella Rank: 1519
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 94
327 B
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 908
750 B
3 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 212206
h.holder.com.ua — Cisco Umbrella Rank: 217443
4 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 772
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6186
722 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1254
s.tribalfusion.com — Cisco Umbrella Rank: 3445
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1199
r.turn.com — Cisco Umbrella Rank: 3913
869 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 508
916 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2105
414 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 504
941 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3517
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4220
207 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2242
1 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1166
43 KB
2 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1997
pbs.twimg.com — Cisco Umbrella Rank: 632
11 KB
2 znctrack.net
s.znctrack.net — Cisco Umbrella Rank: 119989
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 188
85 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 98
20 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1059
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2956
38 KB
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 4124
375 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1526
581 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1225
59 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3930
549 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1211
324 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 765
760 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 45983
510 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 314652
169 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 64600
482 B
1 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 51053
545 B
1 invamia.com
ad.invamia.com — Cisco Umbrella Rank: 68325
560 B
1 adopx.net
ad.adopx.net — Cisco Umbrella Rank: 70452
577 B
1 outstream.today
ad.outstream.today — Cisco Umbrella Rank: 69455
591 B
1 mediawayss.com
ad.mediawayss.com — Cisco Umbrella Rank: 67181
612 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2298
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 521
5 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2782
992 B
468 70
Domain Requested by
45 pagead2.googlesyndication.com kolobok.ua
pagead2.googlesyndication.com
cdn.admixer.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
bid.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
36 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
kolobok.ua
34 tpc.googlesyndication.com 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
kolobok.ua
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
s0.2mdn.net
34 kolobok.ua 1 redirects kolobok.ua
28 s0.2mdn.net 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
kolobok.ua
s0.2mdn.net
19 inv-nets.admixer.net cdn.admixer.net
kolobok.ua
ad.mox.tv
18 exchange.informer.ua kolobok.ua
exchange.informer.ua
cdn.jsdelivr.net
14 cdnjs.cloudflare.com kolobok.ua
cdnjs.cloudflare.com
13 cdn.admixer.net kolobok.ua
cdn.admixer.net
12 static.criteo.net ads.eu.criteo.com
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
11 pix.eu.criteo.net ads.eu.criteo.com
11 ad.mox.tv 1 redirects kolobok.ua
ad.mox.tv
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
kolobok.ua
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
kolobok.ua
8 px.moatads.com googleads.g.doubleclick.net
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 www.google.com googleads.g.doubleclick.net
kolobok.ua
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 platform.twitter.com kolobok.ua
platform.twitter.com
6 tpsc-frc.doubleverify.com cdn.doubleverify.com
6 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
googleads.g.doubleclick.net
6 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
6 z.cdn.umh.ua cdn.umh.ua
6 api.phnx.click kolobok.ua
cdnjs.cloudflare.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
kolobok.ua
5 x.bidswitch.net 5 redirects
4 googleads4.g.doubleclick.net kolobok.ua
4 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 prebid-eu.creativecdn.com cdn.admixer.net
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 gaua.hit.gemius.pl 1 redirects kolobok.ua
gaua.hit.gemius.pl
4 s7.addthis.com kolobok.ua
s7.addthis.com
3 image6.pubmatic.com 3 redirects
3 i.bigmir.net kolobok.ua
3 www.facebook.com 1 redirects kolobok.ua
connect.facebook.net
cdn.jsdelivr.net
3 partner.googleadservices.com pagead2.googlesyndication.com
2 tps.doubleverify.com cdn.doubleverify.com
2 e.dlx.addthis.com 2 redirects
2 sync.1rx.io 2 redirects
2 ap.lijit.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 pixel.rubiconproject.com 2 redirects
2 rtb.openx.net googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 ups.analytics.yahoo.com 2 redirects
2 eb2.3lift.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 dclk-match.dotomi.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
2 encrypted-tbn2.gstatic.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
2 encrypted-tbn1.gstatic.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
2 encrypted-tbn0.gstatic.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 ad.doubleclick.net 1 redirects kolobok.ua
2 fonts.googleapis.com securepubads.g.doubleclick.net
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
2 ads.betweendigital.com 2 redirects
2 unpkg.com ad.mox.tv
2 prg.smartadserver.com cdn.admixer.net
2 syndication.twitter.com 1 redirects platform.twitter.com
2 s.znctrack.net kolobok.ua
2 h.holder.com.ua i.holder.com.ua
2 z.moatads.com s7.addthis.com
cdn.flashtalking.com
2 connect.facebook.net kolobok.ua
connect.facebook.net
2 www.google-analytics.com kolobok.ua
www.google-analytics.com
1 rtbc-eu3.doubleverify.com cdn.doubleverify.com
1 pixel.everesttech.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 cs.emxdgt.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
1 match.adsby.bidtheatre.com 1 redirects
1 s.tribalfusion.com kolobok.ua
1 a.tribalfusion.com 1 redirects
1 r.turn.com kolobok.ua
1 ad.turn.com 1 redirects
1 secure.flashtalking.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ssbsync.smartadserver.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 bid.g.doubleclick.net cdn.doubleverify.com
1 encrypted-tbn3.gstatic.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
1 www.gstatic.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
1 ads.eu.criteo.com 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com kolobok.ua
1 rtb0.doubleverify.com cdn.doubleverify.com
1 servedby.flashtalking.com googleads.g.doubleclick.net
1 pbs.twimg.com kolobok.ua
1 loadercdn.net kolobok.ua
1 ad.vidver.to kolobok.ua
1 ad.vidverto.io 1 redirects
1 ad.invamia.com 1 redirects
1 ad.adopx.net 1 redirects
1 ad.outstream.today 1 redirects
1 ad.mediawayss.com 1 redirects
1 bgstats.mox.tv kolobok.ua
1 pixel.quantserve.com kolobok.ua
1 cdn.syndication.twimg.com platform.twitter.com
1 ww251.smartadserver.com cdn.admixer.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 c.bigmir.net kolobok.ua
1 cdn.umh.ua kolobok.ua
1 cdn.jsdelivr.net kolobok.ua
1 stackpath.bootstrapcdn.com kolobok.ua
1 upload.wikimedia.org kolobok.ua
1 maxcdn.bootstrapcdn.com kolobok.ua
1 i.holder.com.ua kolobok.ua
468 112

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
mediadim.com.ua
www.bigmir.net
Subject Issuer Validity Valid
kolobok.ua
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
holder.com.ua
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
api.phnx.click
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-10-19 -
2022-11-17		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
cdn.umh.ua
R3		 2022-02-08 -
2022-05-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-04 -
2022-04-04		 3 months crt.sh
exchange.informer.ua
R3		 2022-03-10 -
2022-06-08		 3 months crt.sh
c.bigmir.net
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
img.com.ua
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
s.znctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-27 -
2022-09-05		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ad.mox.tv
R3		 2022-01-30 -
2022-04-30		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-01-29 -
2022-04-29		 3 months crt.sh
loadercdn.net
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
cdn.flashtalking.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-02		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh

This page contains 61 frames:

Primary Page: https://kolobok.ua/
Frame ID: B894E8D568DF23D70C4C3741FB79ADE9
Requests: 165 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 00816A06E321F1A13F80679333113533
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 65F4188A9A9B7BB9BEC47E73E9C6EAF0
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 8151F0C4CFE1C5173EB8EFCA6C4BAD88
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 022C9368141DEE5F7D6D9D9EFB07E5E0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: 4FE89D2CCBDD0019914E9D10F066FA81
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 4A09CF74B5DC515EC8A60EFF2C9565C1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 75F548A95D971E099611E5C8DB96AE69
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 525A4EC05A9D7288082E51D35C40FBCF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: EE05DEADBA91C4E2838FFE2BE06B66F5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 0A20FB32CED4C46FAF8243ADF7543661
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1648454598&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454597768&bpp=4&bdt=558&idt=234&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2526833698839&frm=20&pv=2&ga_vid=1681840888.1648454598&ga_sid=1648454598&ga_hid=554043228&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063246&oid=2&pvsid=1121662594564131&pem=554&tmod=2007355837&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257
Frame ID: A470BD8644C73332CCB10A9C4FE9457D
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: F0863B1FD677BE2857FC5BED71955431
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: D4094354111E5468597D9F60F37CDEBA
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 67B926FACB709948B372F34FEB018517
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fkolobok.ua
Frame ID: 5ADFD6796C00B59D7AB0C66C342C01AF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1def20ee03ab4c%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff25ad6fd66c4d98%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: E74E807CAD34F33F6A37ED1F4E60BF8F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9DC7374532EB3F83FBB4E0C7FAE592CD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B56B084B269F3DE66720E7DE93B52A75
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 316ECFD92FAF36CA8383917E295BDE91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1E491913BF038F457EF02C305E9CF8BD
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4050389B6C9B83924EEC95FB68A867BD
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: C2B05381361FC790BF75E924933DC352
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Frame ID: 57D0B5B1495BDD729C2DCB73E8E6B01C
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Frame ID: E65B7F9ECDC680EAA286D937DD485C8B
Requests: 20 HTTP requests in this frame

Frame: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6711E9FE3930B7CD814AFB56D3769685
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 53294B8EDFA7DA7777CDC7E545473546
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 6681ED3B30DC1DB1211EE5600D90D0E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGN-Yq8IBMAE&v=APEucNX1aE_QO08FFNH2AtwMDqHZ_5SbBuHtW_Vrcxk9ssMJKFvkuKInh2FqMNTLgHcnyYOXT15EJINhVqEM3mcla5Z8ji2Q8tnAcAAI4G-rBqQJb_sz-AeJd0789Y3J6qyIKb4FoMjfCdnvbM2dDEurqmozn-txVoUwVN7FzlkwEgxjCB1qeJk
Frame ID: 63ADE0738A7F79884DC2A47932FCD9CD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8Y1s38xAEwAQ&v=APEucNXqo81eH1TdpIPHjqX5OgyELLfwUzZGZ20-xQkXPBknVJNJlfpmGtwRBe5XjJmQfWHujH5pvRzZbK3hWwO8FLP7em68lf7JvB8aB_dV52TMeoOW54Hw-AogkWnz0ZqlLpUD8lagPWw78aWx0bcsHtMFyu8YgoIUrHbO8Yg1HeRO2YY2xxA
Frame ID: 8BDE28536F81747E9F677D9C2E4082E1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 40DF77DDCCFDF8EC524D5730DFB23511
Requests: 3 HTTP requests in this frame

Frame: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91AE9902DADCD40962A4E1BCD5E645C8
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 19623F1ED8A899BECFF942FEEA9F4F30
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5DC19BF713B0970FE22F9AD380314E4
Requests: 3 HTTP requests in this frame

Frame: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 707F2AEA369B023E13E5DCA258216225
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Frame ID: BFE1B399E5E516A1453762FCC66B57AC
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EAD4AD1A0E7C727551737F7BCC707373
Requests: 9 HTTP requests in this frame

Frame: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84AE91552458950E9A00ED1AB97A96C7
Requests: 14 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/142462/3451559/index.html
Frame ID: B66354F295943CA9CD8FF008EC1BDB6C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhi859zEATAB&v=APEucNW-BOV69UX1j04gdq8CN3Sc8wEvlhopEgdR8KmRTTJpXIx0uCMudqFnd7zXKCWLa0fGiPBW_z8GhYUAjGrQ4gyPg3K7W5B0bQKzR31XFZoSpJ28Xbjklt-lR7MbiAJIEkVD2XZDxEwZmLwGqteZ9WbKnn7vPCXJDkqKQQZyO8PlTwYH5yg
Frame ID: 056AEBDB4CD6FA849DB22636CF73D8B2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 177C33F73B56A01102CA22B7EB89D48E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FD82D2928A813DAAE3F23510F99C3448
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04AC695A16879620633E5E888259F066
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: 9D07962FCD25DB39C71E7DB51B0ED613
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Frame ID: 11BCF576D89F3228099085A5E7E2F0A9
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Frame ID: 09B17E368069046B593CE118CDF8FAC7
Requests: 19 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2439.js
Frame ID: 2B9BC1C82877EFE33FEFA6C550FE1A62
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 167D799F5B938F331733E87827842CD7
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2439.js
Frame ID: 9C99C6545F7F2C93ADDCC7306C788A63
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53F5017D20F93CB2A34E32D9407E0ECB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: 15A5E42E074665C5C18E2A724ADB7AFC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BFD27B2EE21589700F5FDDDAA46A63D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 016069ECC1E94EAB1C9F8A98353BD1E8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 862637D11A43D4AFC5343F7EA008BADA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3F78D94E8AB44D41F793A55299A689F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1def20ee03ab4c%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff25ad6fd66c4d98%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300
Frame ID: 77D1A9E3DA0E228D530AF873B435415A
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 9F2A7334C23C42649F21E3D3071F309D
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 5664897EF8A34E370B42AC12E4B0B75F
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 783DF12211EB4FA86FB5EB7536B9FA03
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B2F66DC698EDC066EC78172B5DF7883
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F836A37EEFF5F9329A20772649923062
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Дети, родители, семья и отношения - KOLOBOK.UA

Page URL History Show full URLs

  1. http://kolobok.ua/ HTTP 301
    https://kolobok.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

468
Requests

90 %
HTTPS

38 %
IPv6

70
Domains

112
Subdomains

75
IPs

11
Countries

4918 kB
Transfer

12055 kB
Size

105
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kolobok.ua/ HTTP 301
    https://kolobok.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103
  • https://gaua.hit.gemius.pl/_1648454598095/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=268&lsdata=P.oRiwgR3AyNbiDX8GKVsh9tbhbTOAGzcUxPa2w6mKz.J7gjXKL7.TwVvVXs0B8uwdXLebe573u1cGDUDgF458qYb0Yn/JiGhEQHavp5sf/&fpdata=1TkVTw59dZ5iIBub5ZELEfMCC2EcX_kYBnWOsQt654T.r7&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1648454598095/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=268&lsdata=P.oRiwgR3AyNbiDX8GKVsh9tbhbTOAGzcUxPa2w6mKz.J7gjXKL7.TwVvVXs0B8uwdXLebe573u1cGDUDgF458qYb0Yn/JiGhEQHavp5sf/&fpdata=1TkVTw59dZ5iIBub5ZELEfMCC2EcX_kYBnWOsQt654T.r7&vis=1&fpcap=
Request Chain 114
  • https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1def20ee03ab4c%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff25ad6fd66c4d98%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1def20ee03ab4c%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff25ad6fd66c4d98%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Request Chain 165
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=07328346-3026-4edd-bf7c-cfb7239b8acd&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=07328346-3026-4edd-bf7c-cfb7239b8acd&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=b8283fc8-2a95-5357-becb-b653dc8add94&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65 HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
  • https://ad.adopx.net/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.invamia.com/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidverto.io/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidver.to/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=
Request Chain 202
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-TlXZ9VsS3Uc0b2TpSrT0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-TlXZ9VsS3Uc0b2TpSrT0&google_cver=1&C=1
Request Chain 211
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkFrxxCBWadtG-rjpQt6kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHxRTTYIMV401_eY60t-QF0&google_cver=1
Request Chain 213
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyt-4OQUsJw-fiLOn1yxWQ&google_cver=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkFrxxCBWadtG-rjpQt6mQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIXJZMp_eNZ0wN_ogDwidU8&google_cver=1
Request Chain 232
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Request Chain 244
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23784885.268260135;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23784885.268260135;dc_pre=CPXX6Par6PYCFWWTdwodIIUFSQ;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 296
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr49Ky6wEQmAEYmAEyCATzXPiQwwdV HTTP 301
  • https://tpc.googlesyndication.com/simgad/3529266222074279606
Request Chain 309
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHSqLI1qlu9U5XrCwDlSfDY&google_cver=1&google_push=AYg5qPLc1RJHZa6FmWfPmWsj29nCxBILbxckmNH_JHYdF4QWjqfKVrhw20f-yOfVwDTduFkEemYLt8X--zcVxXHJthbmvxsQx_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLc1RJHZa6FmWfPmWsj29nCxBILbxckmNH_JHYdF4QWjqfKVrhw20f-yOfVwDTduFkEemYLt8X--zcVxXHJthbmvxsQx_E&google_hm=BpTvxlORSc2yAuatKZEl4mk
Request Chain 310
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAHkCS8thZQJ6Kp4XOZsQrY&google_cver=1&google_push=AYg5qPJjXcCH2AleezJp4d09kKeWz1BKgIQeD84AsX8zFSedgp9HxKmd9u7QJpJN3xFPOGpmBt2dfy1mOZnBo9De0xkMj0S8y2Ds HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3468d64f-61d5-4ddf-8516-2962975f7231&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjXcCH2AleezJp4d09kKeWz1BKgIQeD84AsX8zFSedgp9HxKmd9u7QJpJN3xFPOGpmBt2dfy1mOZnBo9De0xkMj0S8y2Ds&google_hm=rOn8PFdjTeCxMI5-PRJNZQ==
Request Chain 312
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEANaU7-GUTlopNmmAzNLgkg&google_cver=1&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d&google_gid=CAESEANaU7-GUTlopNmmAzNLgkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQyNTc3NjY3MDM3NDk0MjI2MTU0&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d
Request Chain 314
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPlEH8X6eSJsmo2AgTNxsu8&google_cver=1&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2uOvH_MqDAjDG-BCgCM5T_1EHOVGoA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPlEH8X6eSJsmo2AgTNxsu8&google_cver=1&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2uOvH_MqDAjDG-BCgCM5T_1EHOVGoA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Ic1owQWM1RTJ1R2IyNFRzdlJwOTR4R0tURXE0ZnJfdX5B&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2uOvH_MqDAjDG-BCgCM5T_1EHOVGoA
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
Request Chain 327
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkFrxxCBWadtG-rjpQt6mQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDbn-_30JF77sIk6Cn6ltWU&google_cver=1
Request Chain 329
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Request Chain 336
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMfhT3Dwm5r2A5XIcLWM1kk&google_cver=1&google_push=AYg5qPJAXBqepPfNQW7TxjliF_O6QeAUMNE3T4XKOwcdqojOAzfqxE4JGut5XVOOwqzPpsHcVALtO3_rrgfbvustCUw-ms1Tokw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJAXBqepPfNQW7TxjliF_O6QeAUMNE3T4XKOwcdqojOAzfqxE4JGut5XVOOwqzPpsHcVALtO3_rrgfbvustCUw-ms1Tokw&google_hm=Q0FFU0VNZmhUM0R3bTVyMkE1WEljTFdNMWtr
Request Chain 339
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJOzEn-VwWViM2aITsGBwPY&google_cver=1&google_push=AYg5qPIi9pOTSTXkIrXvAqLQ7BHlen0heNuF7TdgLAThxwNoivDYyVh2cX2jrzF8Ao_sdggBoC-zQz-lW7QGO-f-2g-st53SZw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJOzEn-VwWViM2aITsGBwPY&google_cver=1&google_push=AYg5qPIi9pOTSTXkIrXvAqLQ7BHlen0heNuF7TdgLAThxwNoivDYyVh2cX2jrzF8Ao_sdggBoC-zQz-lW7QGO-f-2g-st53SZw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rq_eKuD9TxKWucYOfbDsFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIi9pOTSTXkIrXvAqLQ7BHlen0heNuF7TdgLAThxwNoivDYyVh2cX2jrzF8Ao_sdggBoC-zQz-lW7QGO-f-2g-st53SZw
Request Chain 340
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMNzSTojm09mJxjQjIP2nzw&google_cver=1&google_push=AYg5qPK3MKYbHOJ6IKmeKIuQmteGaY3rdRTm18IbUrS57ssXESghcERG43unDW5BSnFM7OMuUCXsrYhgedT1t9s-AbwFCoKAVjE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyOTUtMVgtRUJZNQ==&google_push=AYg5qPK3MKYbHOJ6IKmeKIuQmteGaY3rdRTm18IbUrS57ssXESghcERG43unDW5BSnFM7OMuUCXsrYhgedT1t9s-AbwFCoKAVjE
Request Chain 341
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1
Request Chain 368
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHHeMys6GbiqdVpiheSoJ9I&google_cver=1&google_push=AYg5qPKp1UsZpNJ8RLDIsi7UGJDptnuO8RCAWHcDHRq6D2BQwxjITApwHHZfX6KddhZxMbsQhzgKSMm3f8cRDPHRmYiXCTG3OfQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk0NDM0NzY4MDg4NjU0MjQ2OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_MJhFU3bPotyKsTcqES6Y&google_cver=1
Request Chain 369
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBoaU4KoxZNSKoJFlbB8jzc&google_cver=1&google_push=AYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBoaU4KoxZNSKoJFlbB8jzc&google_cver=1&google_push=AYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 370
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAuZQ2ppeng8dj_vY4umU4U&google_cver=1&google_push=AYg5qPLwwcKAiPNaRpoR6PynitBzMZ_nYcx0U8tz8RJUoXtYwtA2UlNgleoWOLpEoZV9-Vx3sb02MlwUtvZMr2tN8DrQxl9B2hM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLwwcKAiPNaRpoR6PynitBzMZ_nYcx0U8tz8RJUoXtYwtA2UlNgleoWOLpEoZV9-Vx3sb02MlwUtvZMr2tN8DrQxl9B2hM
Request Chain 371
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGQ3M56g3qDzg33MipkPix4&google_cver=1&google_push=AYg5qPJDpEz6zPKQTMxv79V5mBISyr_lETQCpajVSEg3wdI3NBBhttrDOwNPwNk_LcCoiMy6IZyerO-rnNuKRjy8aSP_SIHIL9VH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDpEz6zPKQTMxv79V5mBISyr_lETQCpajVSEg3wdI3NBBhttrDOwNPwNk_LcCoiMy6IZyerO-rnNuKRjy8aSP_SIHIL9VH&google_hm=NjA1MzU0ODYwMDkwNjIyMjg2Nw%3D%3D
Request Chain 372
  • https://match.360yield.com/match/ebda?google_gid=CAESEIvWsqy7zxV85UU3Dl1agvU&google_cver=1&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIvWsqy7zxV85UU3Dl1agvU&google_cver=1&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi
Request Chain 388
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3nvyOIofLIAuY6DqmNxww&google_cver=1&google_push=AYg5qPLv-wPoRWEorwUoSiS79rPOyTAYjRh09CIgh4QYve5wlDqYIdxnI6GKniD0KH7krYCA9KxeAZehrJ4jGBTLwQaS13ogaEuE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLv-wPoRWEorwUoSiS79rPOyTAYjRh09CIgh4QYve5wlDqYIdxnI6GKniD0KH7krYCA9KxeAZehrJ4jGBTLwQaS13ogaEuE&google_hm=NjA1MzU0ODYwMDkwNjIyMjg2Nw%3D%3D
Request Chain 390
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELkozFBTHVF67j3IsfxvUug&google_cver=1&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu_T_xl HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELkozFBTHVF67j3IsfxvUug&google_cver=1&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu_T_xl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu_T_xl
Request Chain 391
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5rCeh2WymZl_eZ9P4SAYc&google_cver=1&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE82UnedU1NsyY HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5rCeh2WymZl_eZ9P4SAYc&google_cver=1&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE82UnedU1NsyY&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE82UnedU1NsyY&google_hm=2c61ec2a540db538d08fe646
Request Chain 392
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFQIU_vChkD4_zy5VlqTHaY&google_cver=1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1648454601774 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3fe4cc2d-256d-49e8-82d7-0f7c1f5e36b4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4%26google_hm%3DAz_kzC0lbUnogtcPfB9eNrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4&google_hm=Az_kzC0lbUnogtcPfB9eNrQ
Request Chain 406
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECtPJpGcn_h9K8H5xwebmZc&google_cver=1&google_push=AYg5qPLaQggnh_9kr__RVcn2_W0VExn5hJPSHKJP_8G1Zwsn1nyPiLC5Ew9sZXiLbSWQvHUBcWOfj0FBuM4giCDoZbWHCyLhOJ7X HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLaQggnh_9kr__RVcn2_W0VExn5hJPSHKJP_8G1Zwsn1nyPiLC5Ew9sZXiLbSWQvHUBcWOfj0FBuM4giCDoZbWHCyLhOJ7X&google_hm=kJ5zhbgx6bh4plMHa8X6kg
Request Chain 407
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJHxiGxCTUOe8QJE3jnjfe1Xjt6f81i6uvYJhzfnWnrnzahnZ-xBTFWHj3QOpcgKVMWcNRSXq4l3mDVV7PE65QKFca7yQM&google_gid=CAESEAwyE8P_8Tfb5TEapSFeyow&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtGcnlRQUFBVnp3NEhaaQ&google_push=AYg5qPJHxiGxCTUOe8QJE3jnjfe1Xjt6f81i6uvYJhzfnWnrnzahnZ-xBTFWHj3QOpcgKVMWcNRSXq4l3mDVV7PE65QKFca7yQM
Request Chain 408
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSa71vaaEBcAZe4GSIQRR-BPw4PyuSI7TMZCYgNoJnFxSVzKdLPZACb1zuO6Z19kt27NrY2aHDS9oYgpl4db6DPemcask&google_gid=CAESEJ0CgqSNzzNSfm2bRKqa56w&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSa71vaaEBcAZe4GSIQRR-BPw4PyuSI7TMZCYgNoJnFxSVzKdLPZACb1zuO6Z19kt27NrY2aHDS9oYgpl4db6DPemcask&google_gid=CAESEJ0CgqSNzzNSfm2bRKqa56w&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjgwODAzMjEwMDA4MzI4MTgxMDY0Nw%3D%3D&google_push=AYg5qPLSa71vaaEBcAZe4GSIQRR-BPw4PyuSI7TMZCYgNoJnFxSVzKdLPZACb1zuO6Z19kt27NrY2aHDS9oYgpl4db6DPemcask
Request Chain 410
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECIwrrwZ7lHUpAQQ7I0x3N4&google_cver=1&google_push=AYg5qPJMr5xEqhoQ9rOBmxCAumUmLx15ImZ_c2vxVGWWepyBfkLmz_Gveazm30KoyTeSlju_KEZvyjh24MB5NDilhLxGvwZ9Olqq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UJviG80nRFy-Vc69OuVcQw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJMr5xEqhoQ9rOBmxCAumUmLx15ImZ_c2vxVGWWepyBfkLmz_Gveazm30KoyTeSlju_KEZvyjh24MB5NDilhLxGvwZ9Olqq
Request Chain 411
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK4ytfsFS7c5TWzuv7-wFfc&google_cver=1&google_push=AYg5qPJ2CYp8Kczs7GYSFb3CoUx1XseJDPeKhgvActsjdNVtwniXRRNt0TYPyJi3s-BJpNf_B0UWIDqS8bH3CaOuXkuKilRE2p4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyTFAtQS03STY0&google_push=AYg5qPJ2CYp8Kczs7GYSFb3CoUx1XseJDPeKhgvActsjdNVtwniXRRNt0TYPyJi3s-BJpNf_B0UWIDqS8bH3CaOuXkuKilRE2p4
Request Chain 412
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms

468 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kolobok.ua/
Redirect Chain
  • http://kolobok.ua/
  • https://kolobok.ua/
142 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3837e59fa77478eb8a5ba48752f875276ffbf1b596cbf54bedeff3990ce754c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Mon, 28 Mar 2022 08:04:03 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=300
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 28 Mar 2022 08:04:00 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://kolobok.ua/
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 28 Mar 2023 08:03:17 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:43 GMT
server
nginx
etag
W/"621a6a17-2c0e6"
x-cached-since
2022-03-28T07:59:54+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Sat, 26 Feb 2022 18:08:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc7c806af601cf36a94e0c9c77c904112f2d2f9fc6fac6565cbe59bf6952acbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54118
x-xss-protection
0
server
cafe
etag
13086528009867702138
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 08:03:17 GMT
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
909181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKSvmVUvTkegICEIhBympHdfA8iV7k11fs7AjTVmyAitBYFbBXv2dckhtX7rC01ej%2FA1XMciMbzZjweAmw3LF3OqSMuLtohE0dn2cJWYJ8Z97Yoy7jPNN7GHcIs%2BIiHhlHyexKQvMf6c%2Fz7hOfsbKLnn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed9312f6906dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
common.css
api.phnx.click/css/ 		571 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.phnx.click/css/common.css?1
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 13:55:41 GMT
server
nginx
etag
W/"5e6f855d-23b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
notice.css
api.phnx.click/common/CookiesNotice/ 		945 B
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.phnx.click/common/CookiesNotice/notice.css?3
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Wed, 15 Apr 2020 07:30:42 GMT
server
nginx
etag
W/"5e96b822-3b1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kolobok.ua/
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
602
age
53103
cdn-cachedat
03/12/2022 07:06:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"450fc463b8b1a349df717056fbb3e078"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d86cce9e1be0cf5c7464388b80a4604c
cf-ray
6f2ed93128f28871-LHR
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 		54 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11274215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9804
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-d747"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1LLRIgFJp%2FHG0ZzQUE%2F9BOcN0%2BmoHdm98cD6CcQUJ4TpAFxjyP7mLLZCXD8xEQzF4M74EBEWcR7qkuz8bkfkQ3ys%2F5viBk4%2FfnSQRVhd29ueQBk%2BBQepDXCBX9PTcXJkTU1arsXm%2B0DJoWO3tItvoCy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed9312f6b06dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/swiper.min.css
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17412687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2583
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-4d3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BOTQ%2FxYz8D67SEqyKUrwGo%2F87bB1wJ1wNVRkwlzJrycvsge1hHeGbJdO5jZtwj5SXJMjXg%2B22AYsmlK%2Fvm5p3ISOb3dY8CiONHE6rwqJLoJeynOEFAB21DoTTpNj4ezpVr0rKAIpaPBe85JU4Zqbpil"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed9312f6c06dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
style.min.css
kolobok.ua/css/ 		67 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/css/style.min.css?8
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:03 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 10:29:16 GMT
server
nginx
etag
W/"6168067c-10bc0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.css
kolobok.ua/a-custom/ 		40 B
320 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/a-custom/custom.css?6
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:03 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 07:23:24 GMT
server
nginx
etag
W/"6064236c-28"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_top.png
kolobok.ua/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/logo_top.png?1
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Thu, 04 Feb 2021 12:11:24 GMT
server
nginx
etag
"601be46c-208f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8335
expires
Thu, 31 Dec 2037 23:55:55 GMT
57cd470545491dc516009b4a0f2ce49f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/66/19/8/6266198/image_main/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/66/19/8/6266198/image_main/57cd470545491dc516009b4a0f2ce49f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
08c9ee32cfe0d9e2cb13294a49f594165c7dc2505f231eaf484d11790bd27d14

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Sun, 27 Mar 2022 22:20:29 GMT
server
nginx
etag
"6240e32d-9885"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
39045
expires
Thu, 31 Dec 2037 23:55:55 GMT
fddfb4289822898802e06cc4877378f7-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/64/93/4/6264934/image_main/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/64/93/4/6264934/image_main/fddfb4289822898802e06cc4877378f7-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c87984e7318aceba7c45a0c0da603a241e68dc56d790d61f8181b5e52a60ee41

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 25 Mar 2022 10:51:13 GMT
server
nginx
etag
"623d9ea1-78a8"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
30888
expires
Thu, 31 Dec 2037 23:55:55 GMT
e363caa48b8553c78fed9b25f1c2570f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/64/75/8/6264758/image_main/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/64/75/8/6264758/image_main/e363caa48b8553c78fed9b25f1c2570f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
2b61ed885762bdc1e52c32b7bf1cc3a96a4934bb313c76ea03d6eddf250125fa

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 25 Mar 2022 07:07:09 GMT
server
nginx
etag
"623d6a1d-5c2d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
23597
expires
Thu, 31 Dec 2037 23:55:55 GMT
925963b5f7e0233323b000f0cecf3c27-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/62/35/8/6262358/image_main/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/62/35/8/6262358/image_main/925963b5f7e0233323b000f0cecf3c27-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0428be2ba8242bff520a3de34d841d7f2f5b7eb966aded1f956c4e49c4d6ad4c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Mon, 21 Mar 2022 23:21:43 GMT
server
nginx
etag
"62390887-9a2e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
39470
expires
Thu, 31 Dec 2037 23:55:55 GMT
4c4f76d2dda53f8dba4593edb37e0bab-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/59/51/2/6259512/image_main/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/59/51/2/6259512/image_main/4c4f76d2dda53f8dba4593edb37e0bab-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
f7d3e6671ff7fa6dbbbb56c8e9b757d97b7d57a925a43747e8d8679b323e3f0d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Thu, 17 Mar 2022 08:32:01 GMT
server
nginx
etag
"6232f201-6d92"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
28050
expires
Thu, 31 Dec 2037 23:55:55 GMT
ac3dbd4e588bd7620d9b8bb4b0e19172-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/54/93/9/6254939/image_main/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/54/93/9/6254939/image_main/ac3dbd4e588bd7620d9b8bb4b0e19172-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
9091fcb652e15a956f3528fca034be67f2957686da929d28f415e5e008c4a15b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Thu, 10 Mar 2022 09:04:03 GMT
server
nginx
etag
"6229bf03-86ff"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
34559
expires
Thu, 31 Dec 2037 23:55:55 GMT
61676852b4c071627142b956cce60f27-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/18/39/30/1/1839301/image_main/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/18/39/30/1/1839301/image_main/61676852b4c071627142b956cce60f27-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e860faa1aafd0f9b342ba7c6685e6ce980c4d770ee17403cae3b4a8687da164e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Sat, 16 May 2020 08:01:43 GMT
server
nginx
etag
"5ebf9de7-945c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
37980
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf711f5520ffd096b098a868feff32e0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/51/28/6/6251286/image_main/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/51/28/6/6251286/image_main/cf711f5520ffd096b098a868feff32e0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
717e3bb515e44ae9784d38ae8bc0dacd79861aa55dad2ef51ae29fc4964ed8c7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Thu, 03 Mar 2022 19:32:28 GMT
server
nginx
etag
"622117cc-4b25"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
19237
expires
Thu, 31 Dec 2037 23:55:55 GMT
cd9bbd45a5d25a545945bd6666eeb265-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/50/43/8/6250438/image_main/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/50/43/8/6250438/image_main/cd9bbd45a5d25a545945bd6666eeb265-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
667fb89fcae2f7a4784f3d3e8f70f3924c47e2475136c8b0afbdb8149b75b410

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 02 Mar 2022 12:48:23 GMT
server
nginx
etag
"621f6797-4e09"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
19977
expires
Thu, 31 Dec 2037 23:55:55 GMT
9b88f2dacf0c84c20523a33d717252c0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/49/55/2/6249552/image_main/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/49/55/2/6249552/image_main/9b88f2dacf0c84c20523a33d717252c0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
19b505b8e9ac9e2c5935f9f8bb283d9a7a7b1ad72c9e419c07980a1c2b17cda4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Tue, 01 Mar 2022 16:32:11 GMT
server
nginx
etag
"621e4a8b-7f9f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
32671
expires
Thu, 31 Dec 2037 23:55:55 GMT
1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/ 		95 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 04:20:52 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
13345
x-cache-status
hit-front
x-cache
cp3053 miss, cp3061 hit/31817
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
95
x-client-ip
2a02:8c8:c10:30::13
x-object-meta-sha1base36
1q4na1xj6topzln51tpzqqxtdtdwo9p
last-modified
Sat, 04 Apr 2020 08:42:56 GMT
server
ATS/8.0.8
etag
71a50dbba44c78128b221b7df7bb51f1
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
audio-tailes.png
kolobok.ua/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/audio-tailes.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 09 Sep 2020 14:44:19 GMT
server
nginx
etag
"5f58ea43-4374"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
17268
expires
Thu, 31 Dec 2037 23:55:55 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/635A) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:17 GMT
Content-Encoding
gzip
Age
419
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (lhb/635A)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3478725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27781
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFxJGt7uwrvTMI%2FfUbsr5Q%2BrbmMBINDW0AHM09CyikzuUWR9UIbVqxH04K99yb06Uc6TrwSvMuIbnKPd99WNOHGBBydXrE1rZPMtCAqzNyyjEy3fgCXCqGYehBg6GB4LpiMyaJrtJde9hgcLuZSdYBBG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a95a06dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kolobok.ua/
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
602
access-control-allow-origin
*
cdn-cachedat
09/27/2021 14:25:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f396061b01d7d7ea75c287c56a1436b3
cf-ray
6f2ed932ac528871-LHR
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
swiper.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/ 		122 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/swiper.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
309745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28145
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-1e700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50y%2F1pIDunFuOMk8SL1kU7zuRO%2FvZ3ct48Qa33fOwimvUrklKmKdS%2FXkYNjKiQpy8pLDHS3ciGP9HNEPzmHd4sfVAD1g7lQ0ejpNiWVjeYU4Dc9P%2B1sVirXXrqeNXOvasu8ZrC49fL8Q%2FVQF2EmLcokx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a95f06dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
isotope.pkgd.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/isotope.pkgd.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2724710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8847
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-8a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2OPyi2xE4UACvje%2B4DhZeK%2BwACyr1xQkAF9InDowTNKMw8%2BgB57D82z%2BNbseEsBaA4XreqFv3u0wRFgbVGFMJL2voCOfsb3QA1jL5iL82ASKQfjJ3F2ofNRPaeUftUmxaKcKL9rUphhKGncJAMSrflY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a96006dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
hc-sticky.min.js
cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/hc-sticky.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
584108
x-jsd-version
2.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19177-FRA, cache-lcy19243-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2d58-OHp5NYJZm3BVirYCciTrlYiBEdQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6f2ed932f89675bd-LHR
jquery.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
847703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2417
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2281"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FvptVKsytDdNoswYHPFg0Tu4LJGOYt8L7m%2FG3Ss2TdHmwfnykZDDsP3PufNootBk3udTJeV8qf9ueTV3cgy%2BR6uB%2B324xo53M7Dn3pYARVozzWNOVwX6ZFVaR%2FLSfq1yXcSEmpvqU4ab4PDBrN6e0hK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a96106dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
blazy.min.js
cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/blazy.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
546776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1735
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-1448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRaGwvtmYsAxJMOxaqP33A%2BGryVP6gNSw%2FlwfVG%2FtweT9Oi98MW38egM5WwTAhHffnIxOPl7BgOrimzxbYN%2Fmoxifl0kTzsXXc3kuYXXJvXqYdX0KpQkEQgF7V%2FGHQz3txis7sl%2BM1k%2FQJQp7CtCuEoK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a96206dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-122.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 28 Mar 2022 08:03:17 GMT
x-host
s7.addthis.com
content-length
116360
app.min.js
kolobok.ua/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/js/app.min.js?23
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 10:27:33 GMT
server
nginx
etag
W/"6076c395-1459"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
instafeed.min.js
kolobok.ua/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/js/instafeed.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 10:27:33 GMT
server
nginx
etag
W/"6076c395-1a80"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
article-stat-v2.js
api.phnx.click/js/ 		976 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.phnx.click/js/article-stat-v2.js?8
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
etag
W/"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
878148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNPG28mTBbo5VtcinZvDlNnOuL2RlqvEqxiQ%2FWADU1vn5c7K21rWXgL1Q4k3JiPqib9QDDxr8jVUOOoWKWtLTuoo2CAvAkxjnwvGKT9J0XePK6O5YWgRGhwoHuEy02Hu6wKhvmKkrmPxDfzW608Dl5Dq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a96306dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1164201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XPFSz%2BkJCKf2XD%2BcKfSdxJXzELkfZFEr11dS%2Bo2MSgEJqp1HZp%2BZoRD6%2Fx8kH8KcI0SwmmXJBMJOhDKu9WkkNPMWQS0g3GDcZTm6lNajJfQsURrPenLJTrE8b4uymGjuoGl%2BdfjswJs9DP98%2B%2B8%2BwYn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a96506dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1895387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl1FxFMKa8it0JLAEPSRMOz98g4%2FqsvmuXqgaupQLWyh8yV2nh81GRukPRdIwdW2Ka1e%2BbTYJVMGj%2BiMsfKkV5OnwcvMr6mnPg6lOxN7Cnoy4YABgfFFtm45hPNMwUdrjCkZcCI4qt0G7nRupfpExwes"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed932a96606dd-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
common.js
api.phnx.click/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.phnx.click/js/common.js?1
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
etag
W/"5e1307e6-a00"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
notice.js
api.phnx.click/common/CookiesNotice/ 		648 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.phnx.click/common/CookiesNotice/notice.js?2
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 13:24:19 GMT
server
nginx
etag
W/"5e42ab03-288"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7111
date
Mon, 28 Mar 2022 06:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 28 Mar 2022 08:04:46 GMT
c.html
cdn.admixer.net/scripts3/44184/ Frame 0081 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 08:03:17 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc35
content-encoding
gzip
0967ebea4a2a8854ab82.b.js
cdn.admixer.net/scripts3/44184/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-5d41"
vary
Accept-Encoding
x-cached-since
2022-03-04T16:47:41+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 05 Mar 2023 16:47:41 GMT
849bc7976a13501da8fc.b.js
cdn.admixer.net/scripts3/44184/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/849bc7976a13501da8fc.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-12993"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
xgemius.js
gaua.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 07:51:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Mon, 28 Mar 2022 20:03:17 GMT
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Tue, 29 Mar 2022 08:03:17 GMT
kids_pattern.png
kolobok.ua/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/kids_pattern.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 14 Apr 2021 10:27:33 GMT
server
nginx
etag
"6076c395-4b88"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
19336
expires
Thu, 31 Dec 2037 23:55:55 GMT
spt_item.gif
kolobok.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/spt_item.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 07 Dec 2018 07:55:56 GMT
server
nginx
etag
"5c0a278c-773"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1907
expires
Thu, 31 Dec 2037 23:55:55 GMT
spt_item5.gif
kolobok.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/spt_item5.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 07 Dec 2018 07:55:56 GMT
server
nginx
etag
"5c0a278c-675"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1653
expires
Thu, 31 Dec 2037 23:55:55 GMT
spt_item4.gif
kolobok.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/spt_item4.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 07 Dec 2018 07:55:56 GMT
server
nginx
etag
"5c0a278c-5bb"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1467
expires
Thu, 31 Dec 2037 23:55:55 GMT
dinroundpro-bold.woff2
kolobok.ua/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/fonts/dinroundpro-bold.woff2
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2

Request headers

Referer
https://kolobok.ua/css/style.min.css?8
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 07 Dec 2018 07:55:56 GMT
server
nginx
etag
"5c0a278c-8e30"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://kolobok.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
36400
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7046496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13552
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-34f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Bev%2B8WZvYU1LJrJFuKxjBBWvY6v5YnByFhyJAwXQ3r0xcREmFFZDl5fMQ0aZHrzq%2F2p1s4Mi46Yk%2BBsPQdfXtkDgE37GXo8Jauv8k9BRHfdRcLcygu8lESxg5HdtXFfs2mpPF4gUnEZGD5cRVHodhWh"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed9334a2e7717-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
394228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74768
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12410"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV%2Bpu5tNdE0n2CvWJLJcscCLxa2%2FYmxpZmPVhNLX7cXG2AopvQfLmR9ZerIHOoopjtAD7twuRYzskgC7m60UhI9XFLAD7O61%2FGo3pt1pFLSEBIlZFYkIifMQjiyyHsKNoue1NVxyRUkDXF7GLmZcWpgR"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed9334a307717-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
dinroundpro-black.woff2
kolobok.ua/fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/fonts/dinroundpro-black.woff2
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5

Request headers

Referer
https://kolobok.ua/css/style.min.css?8
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 07 Dec 2018 07:55:56 GMT
server
nginx
etag
"5c0a278c-886c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://kolobok.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
34924
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2628771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74256
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12210"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY6q%2B401GFeLHMEgU%2BBM6k7l0E2YTnUDfbFmq3iqEylQcHvKTdd%2B8M%2Fq0a4ZVMtF07H%2BDBvJ4Iz3Dkc%2FN1rbAjvexXyGKmqmUfy8HijQoqlMUDDgKUGif9h92IGX1nWZjkjtGDrgLdOJIxTbudAoFyAR"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f2ed9334a2b7717-LHR
expires
Sat, 18 Mar 2023 08:03:17 GMT
truncated
/ 		150 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
loader.gif
kolobok.ua/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/loader.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 14 Apr 2021 10:27:33 GMT
server
nginx
etag
"6076c395-22ee"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8942
expires
Thu, 31 Dec 2037 23:55:55 GMT
sidebar_quote_b1.jpg
kolobok.ua/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/sidebar_quote_b1.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 14 Apr 2021 10:27:33 GMT
server
nginx
etag
"6076c395-57b1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
22449
expires
Thu, 31 Dec 2037 23:55:55 GMT
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcfbae28af5c946af6d2346bd2a90816aebdd97b56a996ab0dbb1173fb3ef7a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
egd3aOS48Usf4DEfVJLayw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
F6EGnOB7yiqyiiWv0WQo3qas7zbyYYvw3/ESii/fOeGeZI987KYynn9fk+zdJI0efA/Qu8zZrAQ8raui9Bh9SQ==
x-fb-trip-id
917726464
x-fb-content-md5
ddd11e79ef31d41bd3ccf63e18699c1c
x-frame-options
DENY
date
Mon, 28 Mar 2022 08:03:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"55af0412b6ce36ffe279a09c4916f2c0"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 28 Mar 2022 08:19:50 GMT
/
exchange.informer.ua/informer/stat/ Frame 65F4 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.informer.ua/informer/stat/?s=ivona
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
a092ff46484ab1199bcc62cb4c0ad9006a7e6d3f63793b2857863588f5086dcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx/1.12.2
date
Mon, 28 Mar 2022 08:04:07 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
content-encoding
gzip
/
exchange.informer.ua/informer/stat/ Frame 8151 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.informer.ua/informer/stat/?s=smak
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
144001f9e39b93e88e696a71a63391bf54dd787a4451346ca8f10b6c886a4aa2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx/1.12.2
date
Mon, 28 Mar 2022 08:04:07 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
content-encoding
gzip
/
exchange.informer.ua/informer/stat/ Frame 022C 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.informer.ua/informer/stat/?s=ivona
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
7b385c227a9618d508eb3340d6aed05c10138a3a9b230b4c1d4a10376752570f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx/1.12.2
date
Mon, 28 Mar 2022 08:04:07 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
content-encoding
gzip
/
c.bigmir.net/ 		132 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n723133&w0&y0&d24&r1600
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
a4b68e82ea1541b177f05f0fe8353f96b61d97a2a529f038c0726cb7cba5db0e

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=554043228&t=pageview&_s=1&dl=https%3A%2F%2Fkolobok.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1081946396&gjid=103721679&cid=1681840888.1648454598&tid=UA-82254946-1&_gid=1797279371.1648454598&_r=1&_slc=1&z=1247818028
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/ 		297 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a790e422760ec8bf48e1292e9f986daab679cb99c74bba2a39c4edd415b9fd42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109450
x-xss-protection
0
server
cafe
etag
13560770014488157429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 08:03:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame 4FE8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 27 Mar 2022 14:18:28 GMT
expires
Sun, 10 Apr 2022 14:18:28 GMT
cache-control
public, max-age=1209600
age
63889
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load
z.cdn.umh.ua/ 		56 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1466079092&div=zone_1466079092&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=4646&pl=3&mi=4&me=8&hc=4&n=1648454597811&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=691250345
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
56
expires
-1
load
z.cdn.umh.ua/ 		76 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1320537623&div=zone_1320537623&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=4646&pl=3&mi=4&me=8&hc=4&n=1648454597811&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=691250345
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
715b5ef34803939ca6fc15cd9cf52e31c6cf0ba53c47a90166daabb325fceb2a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
76
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1584315929&div=zone_1584315929&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=4646&pl=3&mi=4&me=8&hc=4&n=1648454597811&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=691250345
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		308 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=4646&pl=3&mi=4&me=8&hc=4&n=1648454597811&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=691250345
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
c346594e1b424c49941cdf4fbe7bd0d125af38bce94016631d534a94b2f229ff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
243
expires
-1
load
z.cdn.umh.ua/ 		75 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1619353633&div=zone_1619353633&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=4646&pl=3&mi=4&me=8&hc=4&n=1648454597811&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=691250345
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
ac7eed07b5d8d9f32110d81fd1def84f3ee9a59d7fe7941a79a2b014f3fa1afb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/ 		75 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1836467761&div=zone_1836467761&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=4646&pl=3&mi=4&me=8&hc=4&n=1648454597811&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=691250345
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
sdk.js
connect.facebook.net/uk_UA/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=59c7afe658f1e706debf8dde8da0c355
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e849a2635dcab537152ae58a8630e41c893daa58e1cf488c8c7aa188aed63fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://kolobok.ua/
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DwQicUS80XGlWdYCOx5HGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84303
x-fb-rlafr
0
x-fb-debug
xamnIDtgEpG7Td9bQnGIoSPyIIsurbwJ0cBhm9e4AHX+HI/UmoYSdZKfC5cH0oECeoB+BiDU/nEbv0zLatNJQg==
x-fb-content-md5
6017549822cb64a0041f9d08b21cb093
x-frame-options
DENY
date
Mon, 28 Mar 2022 08:03:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2759e7991a132e5c42dd16ebad1301e0"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 28 Mar 2023 06:59:38 GMT
fpdata.js
gaua.hit.gemius.pl/ 		279 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=kolobok.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
6294737e1373afd8afccd1d6d6ed072b90f648cd4fc702e24394df6b1aa59670

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:17 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
279
expires
Wed, 27 Apr 2022 08:03:17 GMT
lsget.html
ls.hit.gemius.pl/ Frame 4A09 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
fb2cb404d209fea69bf202019c6fdad79071a1f57eb2988eba92cda5e583fa5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
expires
Wed, 27 Apr 2022 08:03:18 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2716
content-encoding
gzip
collect
stats.g.doubleclick.net/j/ 		1 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82254946-1&cid=1681840888.1648454598&jid=1081946396&gjid=103721679&_gid=1797279371.1648454598&_u=IEBAAEAAAAAAAC~&z=829422318
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Mar 2022 08:03:17 GMT
content-type
text/plain
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/44184/ Frame 75F5 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 08:03:17 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc35
content-encoding
gzip
c.html
cdn.admixer.net/scripts3/44184/ Frame 525A 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 08:03:17 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc35
content-encoding
gzip
c.html
cdn.admixer.net/scripts3/44184/ Frame EE05 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 08:03:17 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc35
content-encoding
gzip
c.html
cdn.admixer.net/scripts3/44184/ Frame 0A20 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 08:03:17 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc35
content-encoding
gzip
cookie.js
partner.googleadservices.com/gampad/ 		214 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
563f26067599a752fd7993ca74b71b8c62e867db0d9b935924ac703f17983ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkolobok.ua%2F&tn=NAV&cls=top-navbar%20navbar%20navbar-expand-lg%20navbar-light%20bg-light%20fixed-top%20kids_pattern%20justify-content-between%20justify-content-lg-center%20align-items-end&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A470 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1648454598&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454597768&bpp=4&bdt=558&idt=234&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2526833698839&frm=20&pv=2&ga_vid=1681840888.1648454598&ga_sid=1648454598&ga_hid=554043228&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063246&oid=2&pvsid=1121662594564131&pem=554&tmod=2007355837&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 28 Mar 2022 08:03:18 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Mar 2022 08:03:18 GMT
cache-control
private
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=202832543530482&ev=fb_page_view&dl=https%3A%2F%2Fkolobok.ua%2F&rl=&if=false&ts=1648454598061&sw=1600&sh=1200&at=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 28 Mar 2022 08:03:18 GMT
2fe0232442e15f4f834f32bf3eb59d7e.jpg
exchange.informer.ua/assets/thumbnails/2f/ Frame 022C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/2f/2fe0232442e15f4f834f32bf3eb59d7e.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2e7f6e46092bb0bf587e8b31b5222377a03d18dc6c59fa746dbdc3bfacde8af7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 13:20:17 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62406491-1eb2"
content-length
7858
content-type
image/jpeg
198bec95eaad0a8b42f7fec762ee122d.jpg
exchange.informer.ua/assets/thumbnails/19/ Frame 022C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/19/198bec95eaad0a8b42f7fec762ee122d.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2e89dc115b7e7ae90b4ca583d32a2808b11053bed84e28a3b37b0967abd913a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 10:31:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62403cea-18e0"
content-length
6368
content-type
image/jpeg
908d6976c514ff85982cd3df5c65a657.jpg
exchange.informer.ua/assets/thumbnails/90/ Frame 022C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/90/908d6976c514ff85982cd3df5c65a657.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f7eb0027fdd203ea29e8c95afc953a8dec19b668705323063431c81a472ef122

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 06:20:14 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6240021e-1aec"
content-length
6892
content-type
image/jpeg
8c23406b99a744e85e7713189001afc0.jpg
exchange.informer.ua/assets/thumbnails/8c/ Frame 022C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/8c/8c23406b99a744e85e7713189001afc0.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8af79c72b1bb8e26918c7b4a03546c1d65dd4caacad43ad10eeacbceb7b2c229

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sat, 26 Mar 2022 18:50:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623f6060-14db"
content-length
5339
content-type
image/jpeg
1c7acf6d2431117630cd06a1a892506e.jpg
exchange.informer.ua/assets/thumbnails/1c/ Frame 022C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/1c/1c7acf6d2431117630cd06a1a892506e.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
364b47c97c84b34dd2526f739c2e41d23b3ef77d10315a21e2860ec6cd8d03bd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 10:50:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62404160-1286"
content-length
4742
content-type
image/jpeg
2fe0232442e15f4f834f32bf3eb59d7e.jpg
exchange.informer.ua/assets/thumbnails/2f/ Frame 65F4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/2f/2fe0232442e15f4f834f32bf3eb59d7e.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2e7f6e46092bb0bf587e8b31b5222377a03d18dc6c59fa746dbdc3bfacde8af7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 13:20:17 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62406491-1eb2"
content-length
7858
content-type
image/jpeg
908d6976c514ff85982cd3df5c65a657.jpg
exchange.informer.ua/assets/thumbnails/90/ Frame 65F4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/90/908d6976c514ff85982cd3df5c65a657.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f7eb0027fdd203ea29e8c95afc953a8dec19b668705323063431c81a472ef122

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 06:20:14 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6240021e-1aec"
content-length
6892
content-type
image/jpeg
8c23406b99a744e85e7713189001afc0.jpg
exchange.informer.ua/assets/thumbnails/8c/ Frame 65F4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/8c/8c23406b99a744e85e7713189001afc0.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8af79c72b1bb8e26918c7b4a03546c1d65dd4caacad43ad10eeacbceb7b2c229

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sat, 26 Mar 2022 18:50:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623f6060-14db"
content-length
5339
content-type
image/jpeg
1c7acf6d2431117630cd06a1a892506e.jpg
exchange.informer.ua/assets/thumbnails/1c/ Frame 65F4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/1c/1c7acf6d2431117630cd06a1a892506e.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
364b47c97c84b34dd2526f739c2e41d23b3ef77d10315a21e2860ec6cd8d03bd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 10:50:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62404160-1286"
content-length
4742
content-type
image/jpeg
198bec95eaad0a8b42f7fec762ee122d.jpg
exchange.informer.ua/assets/thumbnails/19/ Frame 65F4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/19/198bec95eaad0a8b42f7fec762ee122d.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2e89dc115b7e7ae90b4ca583d32a2808b11053bed84e28a3b37b0967abd913a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 10:31:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62403cea-18e0"
content-length
6368
content-type
image/jpeg
9016a133e796f4ae9b10c41bb670b2dd.jpg
exchange.informer.ua/assets/thumbnails/90/ Frame 8151 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/90/9016a133e796f4ae9b10c41bb670b2dd.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
6bb2888011d470a1fd117be6c4b194f49ade80140403149f9e6b15ed048aa874

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=smak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sat, 26 Mar 2022 12:50:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623f0bfe-1d61"
content-length
7521
content-type
image/jpeg
fdaa7633c7620b1d101de4e7060d5bcb.jpg
exchange.informer.ua/assets/thumbnails/fd/ Frame 8151 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/fd/fdaa7633c7620b1d101de4e7060d5bcb.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3957b7224058132636b3ec1761106bad639c01867694edf4a92a8107909e0014

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=smak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Fri, 25 Mar 2022 10:20:09 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623d9759-242e"
content-length
9262
content-type
image/jpeg
e201a8192222e8dce64d12ccb897fcfe.jpg
exchange.informer.ua/assets/thumbnails/e2/ Frame 8151 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/e2/e201a8192222e8dce64d12ccb897fcfe.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0c2462fbb0f5e12ca3bdfd4775964c2be00f1cc0dafd58eaaaee0904ded013ce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=smak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sun, 27 Mar 2022 06:50:07 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6240091f-1ad6"
content-length
6870
content-type
image/jpeg
309f0409d8e0bb1476456db4eb232e49.jpg
exchange.informer.ua/assets/thumbnails/30/ Frame 8151 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/30/309f0409d8e0bb1476456db4eb232e49.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
7cd71bc78246a8930a275b10e331129825c49e5a59536bd3c8dddfe8a33558f4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=smak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Thu, 24 Mar 2022 15:51:03 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623c9367-1907"
content-length
6407
content-type
image/jpeg
876e12da48fde164d65ca1bf0c5cc3e9.jpg
exchange.informer.ua/assets/thumbnails/87/ Frame 8151 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/87/876e12da48fde164d65ca1bf0c5cc3e9.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
221dbb88d96e8e5e281fb4aa14e51ca9e9f52a6805784ff5c88b985f5e0030a8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=smak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:07 GMT
last-modified
Sat, 26 Mar 2022 11:20:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623ef6e6-17f4"
content-length
6132
content-type
image/jpeg
rexdot.js
gaua.hit.gemius.pl/__/_1648454598095/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1648454598095/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%...
  • https://gaua.hit.gemius.pl/__/_1648454598095/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok....
169 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1648454598095/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=268&lsdata=P.oRiwgR3AyNbiDX8GKVsh9tbhbTOAGzcUxPa2w6mKz.J7gjXKL7.TwVvVXs0B8uwdXLebe573u1cGDUDgF458qYb0Yn/JiGhEQHavp5sf/&fpdata=1TkVTw59dZ5iIBub5ZELEfMCC2EcX_kYBnWOsQt654T.r7&vis=1&fpcap=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
20014b132c13ee1c5ec07db0d85b7670a4a2f90e6051739d301b56ea66b311c0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Sun, 27 Mar 2022 08:03:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1648454598095/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=268&lsdata=P.oRiwgR3AyNbiDX8GKVsh9tbhbTOAGzcUxPa2w6mKz.J7gjXKL7.TwVvVXs0B8uwdXLebe573u1cGDUDgF458qYb0Yn/JiGhEQHavp5sf/&fpdata=1TkVTw59dZ5iIBub5ZELEfMCC2EcX_kYBnWOsQt654T.r7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 27 Mar 2022 08:03:18 GMT
b53_left.gif
i.bigmir.net/cnt/samples/default/ 		319 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/default/b53_left.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
last-modified
Tue, 23 Jan 2007 13:14:26 GMT
server
nginx
etag
"45b60a32-13f"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
319
expires
Thu, 31 Mar 2022 08:03:18 GMT
b53_center.gif
i.bigmir.net/cnt/samples/default/ 		96 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/default/b53_center.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
last-modified
Tue, 23 Jan 2007 13:14:25 GMT
server
nginx
etag
"45b60a31-60"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
96
expires
Thu, 31 Mar 2022 08:03:18 GMT
b53_right.gif
i.bigmir.net/cnt/samples/default/ 		319 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/default/b53_right.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
last-modified
Tue, 23 Jan 2007 13:14:26 GMT
server
nginx
etag
"45b60a32-13f"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
319
expires
Thu, 31 Mar 2022 08:03:18 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=22829
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
/
exchange.informer.ua/informer/stat/ Frame F086 		0
0
/
exchange.informer.ua/informer/stat/ Frame D409 		0
0
/
exchange.informer.ua/informer/stat/ Frame 67B9 		0
0
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r6460942&dholder1584315929&hhttps%3A//kolobok.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r6460942&dholder1466079092&hhttps%3A//kolobok.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame 5ADF 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fkolobok.ua
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63FE) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
462808
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Mar 2022 08:03:18 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (lhb/63FE)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
/
www.facebook.com/login/ Frame E74E
Redirect Chain
  • https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1de...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1def20ee03ab4c%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff25ad6fd66c4d98%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=59c7afe658f1e706debf8dde8da0c355
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
iDxmkhkiCCG/gfd4ZJxazpiiltzBdhLSRbmohh7jrR1Q9uCr3Wmia4coftc7rC3fwVnPgrplVLN8gv0RkC4QeQ==
date
Mon, 28 Mar 2022 08:03:18 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1def20ee03ab4c%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff25ad6fd66c4d98%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
MYfoKEitLSi2tnWuY9fihMQFxVj2tB2AOVgX2R37q9iZREIRZBp1Tp4fktKUc2uyBQmm79Vlv35QQ7HKrIwJZA==
content-length
0
date
Mon, 28 Mar 2022 08:03:18 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5cde4c546c360164/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5cde4c546c360164/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-122.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-akamai-origin-object-size
838
etag
-1347345604--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
838
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=62416bc6af9faaeb&bkl=0&bl=1&pdt=4064&sid=62416bc6af9faaeb&pub=ra-5cde4c546c360164&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=kolobok.ua&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D0%B1%D0%B5%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D1%8C%2C%D1%80%D0%BE%D0%B4%D1%8B%2C%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%83%D1%85%D0%BE%D0%B4%D1%83%20%D0%B7%D0%B0%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BA%D0%BE%D0%BC%2C%D0%B3%D1%80%D1%83%D0%B4%D0%BD%D0%BE%D0%B5%20%D0%B2%D1%81%D0%BA%D0%B0%D1%80%D0%BC%D0%BB%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D1%83%20%D0%BF%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%BE%D0%B2%2C%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B5%2C%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D0%B2%D0%B0%D1%8E%D1%89%D0%B8%D0%B5%20%D0%B8%D0%B3%D1%80%D1%8B%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%81%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%81%D0%BE%D0%B7%D1%80%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&colc=1648454598314&jsl=8321&uvs=62416bc6d7779235000&skipb=1&callback=addthis.cbs.jsonp__65054300404721040
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-122.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77deefb34532073409eb2d2ca0d3fabc4ae52dbe9efa3b9a423c3a3dbbc32966

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9DC7 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B56B 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-122.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Mon, 28 Mar 2022 08:03:18 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
client.ru.min.json
s7.addthis.com/l10n/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.ru.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-122.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-16d7"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
date
Mon, 28 Mar 2022 08:03:18 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
2276
57cd470545491dc516009b4a0f2ce49f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/62/66/19/8/6266198/image_main/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/66/19/8/6266198/image_main/57cd470545491dc516009b4a0f2ce49f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
432afd187fc4b0c54a34d64aa781668fd742849e1dd25f56cbd4075ef68ea07f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Sun, 27 Mar 2022 22:22:26 GMT
server
nginx
etag
"6240e3a2-2077"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8311
expires
Thu, 31 Dec 2037 23:55:55 GMT
fddfb4289822898802e06cc4877378f7-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/62/64/93/4/6264934/image_main/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/64/93/4/6264934/image_main/fddfb4289822898802e06cc4877378f7-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e23899b9b6ef42e1aef92b3c560b812cd94014b8ece0f82ae2d776e81fa3e207

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 25 Mar 2022 10:53:44 GMT
server
nginx
etag
"623d9f38-21ee"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8686
expires
Thu, 31 Dec 2037 23:55:55 GMT
e363caa48b8553c78fed9b25f1c2570f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/62/64/75/8/6264758/image_main/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/64/75/8/6264758/image_main/e363caa48b8553c78fed9b25f1c2570f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
cb230de69a93910ff904402e919abf8faafb246493b73781a7a2cb3f01bb2210

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Fri, 25 Mar 2022 07:01:36 GMT
server
nginx
etag
"623d68d0-193c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
6460
expires
Thu, 31 Dec 2037 23:55:55 GMT
4f766718877e4833f4ffaa48c5a11109-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/83/08/65/830865/image_main/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/83/08/65/830865/image_main/4f766718877e4833f4ffaa48c5a11109-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
3581f0e834228709370f78e7c7fd1dab7dc9406ae60f0c733434d336c1192716

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 21 Aug 2019 22:12:46 GMT
server
nginx
etag
"5d5dc1de-82ad"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
33453
expires
Thu, 31 Dec 2037 23:55:55 GMT
0fb54d692cc160fdd0befc41d90183ea-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/84/37/46/843746/image_main/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/84/37/46/843746/image_main/0fb54d692cc160fdd0befc41d90183ea-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
68b49ad658ae01cfe26de8e387992090d37d3f440a1f6c7ab3d49c2f9bbca78e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 21 Aug 2019 22:20:46 GMT
server
nginx
etag
"5d5dc3be-83a8"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
33704
expires
Thu, 31 Dec 2037 23:55:55 GMT
fb4138725e81539c908cf8266a816476-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/84/28/94/842894/image_main/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/84/28/94/842894/image_main/fb4138725e81539c908cf8266a816476-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
2f141a01a66c625b2b64a679736aff84221ed69cff589171da765b8b9d5ee0cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Wed, 21 Aug 2019 22:20:12 GMT
server
nginx
etag
"5d5dc39c-1cf8"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
7416
expires
Thu, 31 Dec 2037 23:55:55 GMT
925963b5f7e0233323b000f0cecf3c27-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/62/62/35/8/6262358/image_main/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/i/62/62/35/8/6262358/image_main/925963b5f7e0233323b000f0cecf3c27-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a093cc2d81f43a31a6727a3c301a9d775afe799e0981a96eef5cc1ccb3ab736d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:04 GMT
last-modified
Mon, 21 Mar 2022 23:21:30 GMT
server
nginx
etag
"6239087a-2749"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
10057
expires
Thu, 31 Dec 2037 23:55:55 GMT
z
s.znctrack.net/ Frame 316E 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.znctrack.net/z
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
670014e0ef5f65c31c2a93726560537bc01307d99c31be5d29ce7f7601a55045

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23332
expires
Thu, 01 Jan 1970 00:00:01 GMT
add-view
api.phnx.click/articles/stat/ 		39 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.phnx.click/articles/stat/add-view?cid=11&site=kolobok&aid=807247&0.5695292428818695
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://kolobok.ua
date
Mon, 28 Mar 2022 08:04:05 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
dsp.aspx
inv-nets.admixer.net/ 		30 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5078773451356047&cpv=027adab5-3117-ab62-1be5-08511a0c2a61&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%225de4ccae-b0d9-e461-b3ac-0ebda0bfd947%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fkolobok.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22a2a09163-70d4-a6e5-9e03-029892e0ccf8%22%2C%22tagid%22%3A%228ea486a5-d161-46a5-a5a4-b1d24d77a9af%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1836467761%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%229aa35f2c-0ad9-8005-b5e2-224bf14fe49c%22%2C%22tagid%22%3A%22d064867f-940f-4efe-bb4f-c03ea7d2f330%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1320537623%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%22e3499b4f-83c8-5923-6393-2a06335555a6%22%2C%22tagid%22%3A%22a075cdda-98ba-41a3-b223-8962ea9eb7f3%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1619353633%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%224bec8036-fb8f-4f06-ad44-003ada9e4918%22%2C%22tagid%22%3A%2232016391-c510-4398-a7ee-c09e88869583%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1982059428%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A4%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
99de81c1ac85885a617cb8a8d9ad7042ffe7d836c47c1f84ff8c4872a444be09
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
5529
X-Xss-Protection
0
settings
syndication.twitter.com/ Frame 5ADF 		293 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=e6f6fb1cb78e1c93a2d157212b47b97e04bdd2b9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fkolobok.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
104
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 08:03:18 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8591f8b79decd246c54b8d76c06b7b48675184232eb3d84849c3cd712272a75c
content-length
186
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-122.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 28 Mar 2022 08:03:18 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kolobok.ua
date
Mon, 28 Mar 2022 08:03:18 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kolobok.ua
date
Mon, 28 Mar 2022 08:03:18 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/44184/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:58 GMT
server
nginx
etag
W/"621a6a26-702f"
vary
Accept-Encoding
x-cached-since
2022-03-18T11:52:25+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Mar 2023 11:52:25 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/44184/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:58:00 GMT
server
nginx
etag
W/"621a6a28-a793"
vary
Accept-Encoding
x-cached-since
2022-03-03T09:29:07+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 04 Mar 2023 09:29:07 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/44184/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-326c"
vary
Accept-Encoding
x-cached-since
2022-03-03T09:29:07+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 04 Mar 2023 09:29:07 GMT
182f2d74c34963cea11e.b.js
cdn.admixer.net/scripts3/44184/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/182f2d74c34963cea11e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-2a79"
vary
Accept-Encoding
x-cached-since
2022-03-03T09:29:13+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 04 Mar 2023 09:29:13 GMT
631117330f3e56489daa.b.js
cdn.admixer.net/scripts3/44184/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/631117330f3e56489daa.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:49 GMT
server
nginx
etag
W/"621a6a1d-3594f"
vary
Accept-Encoding
x-cached-since
2022-03-03T09:29:13+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 04 Mar 2023 09:29:12 GMT
v1
ww251.smartadserver.com/prebid/ 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww251.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:17 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kolobok.ua
date
Mon, 28 Mar 2022 08:03:18 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kolobok.ua
date
Mon, 28 Mar 2022 08:03:18 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
platform.twitter.com/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/635C) /
Resource Hash
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Content-Encoding
gzip
Age
462810
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
8012
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (lhb/635C)
Etag
"3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.34cf38a85ac899f1d6a0438a1659decc.js
platform.twitter.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/635A) /
Resource Hash
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Content-Encoding
gzip
Age
462809
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
6444
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (lhb/635A)
Etag
"0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 28 Mar 2022 09:03:18 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=A075CDDA-98BA-41A3-B223-8962EA9EB7F3&device=28&rule=990B1948-8B56-4DA2-BD8C-4C29C86D9944&requestId=b19922a9-fa7e-4ddf-a3f9-9f4aea9e1afa&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MTA%3D&asign=1946950308&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=C47A83CC-55B9-42E4-B331-49ED6E236C96&crid=C47A83CC-55B9-42E4-B331-49ED6E236C96&profile=7C88FCBA-DD81-4892-A724-C3969B97E235&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a7301a01-d6c7-4f7d-ad44-7c62c4e4eb59&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=1003130028&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&crid=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&size=350x240&profile=36DBA250-021E-4192-BB34-F2EE916251DD&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a7301a01-d6c7-4f7d-ad44-7c62c4e4eb59&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=1003130028&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&crid=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&size=350x240&profile=A01BDF0B-F125-40F1-9022-C7F2F7F7F847&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=75cec392-6e5f-4bdc-96da-cffda1d52f60&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=896746597&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&crid=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&size=350x240&profile=5EEA8F57-F0AA-4422-A5D9-20C13E0F2FBF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=75cec392-6e5f-4bdc-96da-cffda1d52f60&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=896746597&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&crid=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&size=350x240&profile=476857EE-5211-4F53-A2E9-6B14A06EFC2C&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
profile
cdn.syndication.twimg.com/timeline/ 		114 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ua_kolobok_old&dnt=false&domain=kolobok.ua&lang=ru&screen_name=ua_kolobok&suppress_response_codes=true&t=1831616&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
410d88fe9d242f0da3b7a56dc2566a87b670835bc15c7d0a09dd15234577e677
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
server-timing
"x-cache;desc= ,x-tw-cdn;desc=",edge;dur=184
content-length
7635
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
181
last-modified
Mon, 28 Mar 2022 08:03:18 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-tw-cdn
VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
e1c68fc32aff6d7bf5b87bf32d7babb56fcc79950850214dd3555d550045fbdc
timing-allow-origin
*
x-transaction
a726661e24937491
expires
Mon, 28 Mar 2022 08:08:18 GMT
impress
ad.mox.tv/delivery/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=kolobok.ua&top_url=https%3A%2F%2Fkolobok.ua%2F&domain=kolobok.ua&url=https%3A%2F%2Fkolobok.ua%2F&referrer=&async=1&uid=9119174279
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f74227b5201762a680687c4e5491ba5c60e49b4a19870447e2f2336525e4c9b3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://kolobok.ua
date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1E49 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf5c7610bd87737b2534fe3d3d24bcd27d13601e920b09dcd9184c51c3bf4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54124
x-xss-protection
0
server
cafe
etag
15000838766103897752
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 08:03:18 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a7301a01-d6c7-4f7d-ad44-7c62c4e4eb59&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=1003130028&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&crid=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&size=350x240&profile=A30ACB44-18F1-45CA-BA85-5B440B44C7DF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=a7301a01-d6c7-4f7d-ad44-7c62c4e4eb59&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MC4zOTY1NDA3NQ%3D%3D&asign=-1353331082&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&crid=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&size=728x90&profile=45223BF7-5B11-417C-A48B-79F59E3A3175&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
11225902
fly-request-id
01FMS6YMNS3M0PK361CWPXFMPT
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f2ed93b3fa8747c-LHR
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 28 Mar 2022 09:03:18 GMT
prebid.js
ad.mox.tv/js/achernar/ 		212 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 12:39:02 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6151bb66-34fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 28 Mar 2022 09:03:18 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ffbf0901d91c2643b9aef55cc55cb461e8be565f7b47289a03c321cb1cc4441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28045
x-xss-protection
0
server
sffe
etag
"1171 / 472 of 1000 / last-modified: 1648245909"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Mar 2022 08:03:18 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
11226047
fly-request-id
01FMS6T6DHW02K514WB9G767ZW
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f2ed93b3fad747c-LHR
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.vidver.to/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=07328346-3026-4edd-bf7c-cfb7239b8acd&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=07328346-3026-4edd-bf7c-cfb7239b8acd&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=b8283fc8-2a95-5357-becb-b653dc8add94&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65
  • https://ad.mediawayss.com/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
  • https://ad.vidverto.io/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=YWQudmlkdmVyLnRv
  • https://ad.vidver.to/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=
0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ad.vidver.to/delivery/sync?userid=ace9fc3c-5763-4de0-b130-8e7e3d124d65&inner_redirect=1&inner_uuid=07328346-3026-4edd-bf7c-cfb7239b8acd&redirect_host_list=
date
Mon, 28 Mar 2022 08:03:20 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
close.png
ad.mox.tv/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/images/close.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3eb4c5a5b9cbe9aca2ac1ea7729ee61b277819a7a7e2d0c657db0ac2f12efcfc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-3ca2"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
15522
expires
Mon, 04 Apr 2022 08:03:18 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=75cec392-6e5f-4bdc-96da-cffda1d52f60&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=896746597&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=D0EEA9F9-C933-4D86-8C78-4628D65839DD&crid=D0EEA9F9-C933-4D86-8C78-4628D65839DD&size=350x240&profile=08C7770D-D6A5-444B-8C99-6C11B1376450&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=c355093e314a7231&d=kolobok.ua
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
server
openresty
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/ Frame 1E49 		297 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65057dabea7ffc8d2ec9dd38e8346a57c243d8b238fea8ae5192f51d478027b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109455
x-xss-protection
0
server
cafe
etag
9109273769739410501
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 08:03:18 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4050 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3367fbe59fd7312d67e33be553be2ed59c0bc76b569db295706f5bd6306b5736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53857
x-xss-protection
0
server
cafe
etag
12677902634478442963
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 08:03:18 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=75cec392-6e5f-4bdc-96da-cffda1d52f60&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MA%3D%3D&asign=896746597&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=742F880D-0B09-4A22-9509-965113280D36&crid=742F880D-0B09-4A22-9509-965113280D36&size=350x240&profile=C27F7D27-35B0-471E-9AB7-5DD4D760EF40&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=8D7C258F-60C0-4EF0-91FA-5F7201809734&requestId=75cec392-6e5f-4bdc-96da-cffda1d52f60&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MC4zOTY1NDA3NQ%3D%3D&asign=948965661&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=CB144D34-D363-431F-86CE-451164B136E1&crid=CB144D34-D363-431F-86CE-451164B136E1&size=300x250&profile=45056D06-9DF3-4A81-A8EC-EC764B4150DB&isopt=0&adv=Google&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:18 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 07:58:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		297 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kolobok.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144
x-xss-protection
0
expires
Mon, 28 Mar 2022 08:03:19 GMT
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame C2B0 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6381) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Content-Encoding
gzip
Age
462811
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:21 GMT
Server
ECS (lhb/6381)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6381) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Content-Encoding
gzip
Age
462811
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:21 GMT
Server
ECS (lhb/6381)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
omZMXr6F_normal.jpg
pbs.twimg.com/profile_images/905017721569640448/ Frame C2B0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/905017721569640448/omZMXr6F_normal.jpg
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6330) /
Resource Hash
be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
x-content-type-options
nosniff
age
25337
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
content-length
2415
x-response-time
120
surrogate-key
profile_images profile_images/bucket/0 profile_images/905017721569640448
last-modified
Tue, 05 Sep 2017 10:38:13 GMT
server
ECS (lhb/6330)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a4efc4eeb00e6db2b705ab240d72ed805ba02ff0988598858c52afa34f02a924
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cookie.js
partner.googleadservices.com/gampad/ Frame 1E49 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 1E49 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1E49 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 57D0 		22 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
556f8e245e2c37f9d1103f6326b894a1fe9834454e93768a682bb2fe0a66da66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Mar 2022 08:03:19 GMT
server
cafe
content-length
11243
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Mar 2022 08:03:19 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1E49 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abd01eb281bbfb5c0d106518f4abc79796f5a1c3515266aa05b44b7677b3abd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10573
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ Frame 4050 		296 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7613c3e51915418c70a2edc2d30952d407d4628d3218ad648d68b382da720512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109246
x-xss-protection
0
server
cafe
etag
2559258145031725869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 08:03:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1E49 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:21 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 4050 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 4050 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4050 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E65B 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1975f998fffb17c4f5c197c4e0800eb640ee80655ad849d8861b036e6fd89680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Mar 2022 08:03:19 GMT
server
cafe
content-length
12804
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Mar 2022 08:03:19 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4050 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abf0a3fabc2e5d6e133cd13f3e6477cad421adba9c47c406b3effa2dc49e574c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10464
x-xss-protection
0
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kolobok.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://kolobok.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1121662594564131&correlator=712260807043531&eid=31064927%2C31065750%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_kolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=3616232717&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&abxe=1&dt=1648454599317&lmt=1648454599&dlt=1648454597209&idt=2049&biw=1600&bih=1200&adxs=310&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1681840888.1648454598&ga_sid=1648454598&ga_hid=554043228&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
36327423840ceb627323c58b9fd461dc26f527e6189432f68593a3289f4f8f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13417
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kolobok.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1121662594564131&correlator=712260807043531&eid=31064927%2C31065750%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_kolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=808509247&sfv=1-0-38&ecs=20220328&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&abxe=1&dt=1648454599324&lmt=1648454599&dlt=1648454597209&idt=2049&biw=1600&bih=1200&adxs=310&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1681840888.1648454598&ga_sid=1648454598&ga_hid=554043228&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f3710684391dba1cac362ecf873cb58f3c63bed5bae4059bdbaba7b1c79b0e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11456
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1121662594564131&correlator=712260807043531&eid=31064927%2C31065750%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckolobok.ua_C_WW_728x90_%2C728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=2315038124&sfv=1-0-38&ecs=20220328&fsapi=false&sc=1&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&abxe=1&dt=1648454599328&lmt=1648454599&dlt=1648454597209&idt=2049&biw=1600&bih=1200&adxs=310&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1681840888.1648454598&ga_sid=1648454598&ga_hid=554043228&ga_fc=true&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3dd012c8a75c38603d249015105a0205e185b87753fe6e4e0b52f966889feae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9743
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1121662594564131&correlator=712260807043531&eid=31064927%2C31065750%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1056586073&sfv=1-0-38&ecs=20220328&fsapi=false&sc=1&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&abxe=1&dt=1648454599330&lmt=1648454599&dlt=1648454597209&idt=2049&biw=1600&bih=1200&adxs=310&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1681840888.1648454598&ga_sid=1648454598&ga_hid=554043228&ga_fc=true&btvi=4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
aa1f0607dc5523572c28f9f4cc0a52485261d4a4085f85ec1303bd80eb60d4e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37320
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kolobok.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6711 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 28 Mar 2022 08:03:19 GMT
expires
Tue, 28 Mar 2023 08:03:19 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4050 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua&bust=31065832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:21 GMT
z
s.znctrack.net/ Frame 5329 		102 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.znctrack.net/z
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
048b2b6654bbae5d81f76ae1b0be4c5972d9e464171f08716348fe1597784c50

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://kolobok.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
jot.html
platform.twitter.com/ Frame 6681
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63BC) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests
1
Origin
https://kolobok.ua
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
462806
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Mar 2022 08:03:19 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (lhb/63BC)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Mon, 28 Mar 2022 08:03:19 GMT
pragma
no-cache
server
tsa_f
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Mon, 28 Mar 2022 08:03:19 GMT
x-transaction
b990dbbe3fc6b71d
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-response-time
112
x-connection-hash
8591f8b79decd246c54b8d76c06b7b48675184232eb3d84849c3cd712272a75c
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57D0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyyliGCXjO9kAqpYC0AHMF6mmjKoqGv6P_dlrwGqH2KZPa3QbYM9z8hQ5IVJ959bY-WH-XsGAmCNY8L1E1XjtuCSoN9fefmKl3CywxvHcSwXCg0AQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 57D0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:02:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 57D0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 57D0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:02:00 GMT
l
www.google.com/ads/measurement/ Frame 57D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRviNtgomaOOV4qX6uBgMhwIYBiqdWC4qmCKbI_S_ToMiZbie1sV9ZgrLz5UnyOrIrh8dkpVA544NwCHw8O1gjrNDmrNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 63AD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGN-Yq8IBMAE&v=APEucNX1aE_QO08FFNH2AtwMDqHZ_5SbBuHtW_Vrcxk9ssMJKFvkuKInh2FqMNTLgHcnyYOXT15EJINhVqEM3mcla5Z8ji2Q8tnAcAAI4G-rBqQJb_sz-AeJd0789Y3J6qyIKb4FoMjfCdnvbM2dDEurqmozn-txVoUwVN7FzlkwEgxjCB1qeJk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 28 Mar 2022 08:03:19 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 57D0 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLKlPGo4-7dA-73YQtPvLn5KXv8nDnJ9lDyeDayXrWUT1WA8giZse384G8hUyB0ZTdJisDgB4k0quS9-R4Vvh0OgBUPRV8X1IO3rSBGkI35zYrhuod9lq1BQMCq6M1rObSIBKnBLD9QPYSpM99S2FmEvobcw&cry=1&dbm_d=AKAmf-AdjBiehBhlrAgH7MFfWvb7t4DvuvycrzPKEDHW5c4x62O_fmbvgKv00lZ4JxWMsgfNBZLPzm4RWgFzc-ueLavv1sB1ukTuv1LodP7uxv_kcha0Gx9ymjV_4SqNLfWkp6cU_D4szshw1oivBTHMhmobg0rqIFyQzBE03eZ_1DgUA5Uaw7NWWDp5wqUJDIEFtFPxBAsXE5i8ddF17Ejq9QFuk0tZORnH_7cCBxJ07MkWTO5OJskSBQwQDPOD2fLlbikBO99eoCjfJRl0kCXBVP4otL2ds_NZEczXgTwY-pex3Ze7rlQV39xMYRhJ2RjHkIduyVjLLw9eFXu8Ljs6p8fzXMsFvSynrjMjg1K-kk0H23umxfM1SZldO709xNCHunKVlknAYO_XhqF0PMvli6AWYN8sHD2wnmUeRmdqw3GPNXzPL9DuoxDdn0w1ceL7uiAkpH3z36guC8GcdMd0a64RlFMRpHvmzT1ZIjjYIMFS_lKRcTqg1FJb3N1fauFejJB7qpw1qch09HvEfXBSricfv275RPlQn0I2cCPOJHT80EyX5I9W5-Lho-FT12dMG0RjlnECYQ7myCx7LJO7C5E9WCENibo5NMUIdNqNywo7sVjqyBkaFncwI2SKztN5JngRCUwfJeGqbnBeXhqxxcvMZi6Qkz9h1mLWdym54ZacbWRHUlXDJDIGYGMlYpy_MzxX2D3o2AYjWThasRDkV-hT6UISc0OFT1pSWJ45iK1vegBQtL31CGJglawGwbIkwp-0GWqAzUSp1A1FD0jQuWXdKYTggIq22bYzgRkPrEejVByWcuCg6RwnhnHGaFnUNKCb-IwYVdyA7cfNG-gmd_4OX8ZiPaUmMaR4VJgKCTkOdL6JNqhtVtoZDGHtXpD1mNutfOnc84VWLIGE6rpIXBDSmZOgEDgEI1jW6_3rKBdxsPPiZAhKySoQNJ85vbJaiIxYJ7G5Sk2s2BtZ9wdYh9-Fs8dBy5s6r2GMTFArTg54KavCpEXQ7BTSr_ioTWdEMAUHdoe4h74PchYtF39Uj_B8gddFdOad-0WCLmAisFl_C7ZXa6QA93JJwegd_HGMYLlNWYZ0mtTrsrUDhaj0VkP9RfFT5IW8YpTH_-tHm5wNGarbh6A4ht1vV2lAZmGCpLuw3QrW9GzorjcJsAuZRzP5gSSP4LfAP1lXdG0G80BzDjJwgB1fm4rIih19d6NEmoC5LovZXcBIJqxnNW0o3eh71_XoaMRhnm0A4l6mXIZHKIF7DWoTueZacYih3-2YoY9PH0Z8HnO3NI5iXgvB812KLe364v7Ln9SpcWoJUiOP9BBYL_wrPMi7VTDg-VZph57F--LhJ-9T5fFqgIjGMgriPslzgwX8F15Pgjj16LJIZ30aIHWR5zdpfNd-uslRuuEpjXFKNEXBwb0sFSIggi6NRGLQoA6hTMepDAGm7GHJPZEzUgl558oYWVjmrxn5RmUaj8T7PZdUWjNygrsfy9HpYxTOgHkli7mvsbEoMD9tQSOrU4DMGeulLPwTJp1XV2jSxxv0KtIYqQs9WbznU5R-J9rgts8MtgqitcEOCuxrpdTGlG1MxXF1EdRrqNJUVO8UqWWDA8qYT611k8bMTJaCsn8EFSCA00bC1CBe0Ci6RCp81zWZKWtAr3FFALL7nDLJ0HdXUbfAvWcULRyH7-5Z01-rlFTf6UBv835lqPu9QOHp8OPA81VYeYc-8bNAiLZQ9vSv_VTElGLgZ5pqiPY_c340PWMTiox9AoMOioXYYSKylr7xZO8UhJTJNFzTUaHx6YRiLWuhNFeq2omsdKaNnl2wixd9ngeFYjyPM6xuJGFPyHrxRWn8F__P00hHykApTB0mn891_S73h0ew5DUSBf4NXOnmVjZ_RAWbH_7X933RDIiQZKVxlhYXug953GcUn2sOD81nDppPFeMTe3-oMLLP3PWRpCfJfT8MCYSsldNW1sZvV6PBkdYpRLXDBov9WMN9XiXWoHTXniwELVRMP29Gewk8uPf6sSizfyAm1HNjmO5jUbsLk_8kihTyi_xKwLoWH5q51F_Aj1SvQHBTIiJRJw5p4k9K4WnbFkcaB57xhVKX_LfL1rKV4dLV7QMZiDP2UTR4k0WjRh65sT4uaUEfym-lFVy4uf2hp_fkX-ihPOEWjn21_jS7F6cDFA_HhTmbqSTrr0oJDqujxqwexA68B9spXZ0t_LfUTbPHeO6T9_IvPcu-FDBfjFG82QzcAY6G_qQFyaVtX_A4LgqcHuqto6dUP_qCSKWiCFArv3rEBnsn6iSSGKR_v-5ogOjbKoyqw4O_ND2dICKmfBgC3vk3rWlIPukxiFWw6yMLfD5i2nTn8pgz2h9Yzo_K0SGQltRaJq10lSbi_y4LQze3uKHVG8NYFHoe2djnxfqeFSDFKf8QtQHXcqFE66qZDf5nqlaBNFVYM0-npcmNtw5G2C5t284fuQlX5xFwxK910YMae2C4Cfq6e6-_uLl6GgIJEgAcyQOO8db8dV3gp3LDGhChXMljJkAT22fWHvguQu7kMeZoWw0PQMhLUGXNciMLKfh0dvJEcP6ESzhAIZnDIJ9eotG38_faybuijhHhQTpGMx1JQfvCV9GSGllWwAc9hovFLKlXbi4GawSPVODYmel0UBflhNM1k8b0zSraJ04lo1H6stAXfWSED4pYiz21U0b5pBRjgZoG18QEveis60Y535M8uMN6oP7tzzUoIMrN28opX2WDcEIUCdzBoz4sqdXKgkSzWcaQrzSF11OlNCy0h1-kaKvuj5Y8iR40kio64aKuuOvXIqyi5LcNcvMYg8hu_orOitRDwamWZU0QIPvJmadEWue5V9w1pZPCQSjJBB7_lida39K61Gb3D3Oxl6AbXLMN63R34vnnilNWwef9ZDdKzK7Deu_yhcbNLEjzw-IpRXJuaCwZeDLNKwnmmcWwVCA12YGLk8YRAeELH9UjEIZJyaoLK3Sw4entgXxnF0zEBmGrem-tzkfr085PynNk7CWHzm0te-QdR6vKjJSKLcH8K3aWBCAF856_pzGxcUQBFS58COq9rBEaEgztykqbqFIBX7j9S94kX1hGX1rie7dL2oTaDO9tnaihJNRQ8mvz5-Beycp-PjNWgnxy4igy85rs1aQ9HWDK1H4sLIgIn3pVWT1Yqhp_qlj1OjCZGDw8OQyvTSudy_WePPsuRApB&cid=CAASJeRoecDFDfXM9Tt6UGPIewrB1k5ak2TmYcRw0ZV5_ii-ZJN2AWA&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e03816dd95893fc5d3e382f3e132538da9fdbfa78974ecad87652ba2c8335e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 63AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-TlXZ9VsS3Uc0b2TpSrT0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-TlXZ9VsS3Uc0b2TpSrT0&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-TlXZ9VsS3Uc0b2TpSrT0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGN-Yq8IBMAE&v=APEucNX1aE_QO08FFNH2AtwMDqHZ_5SbBuHtW_Vrcxk9ssMJKFvkuKInh2FqMNTLgHcnyYOXT15EJINhVqEM3mcla5Z8ji2Q8tnAcAAI4G-rBqQJb_sz-AeJd0789Y3J6qyIKb4FoMjfCdnvbM2dDEurqmozn-txVoUwVN7FzlkwEgxjCB1qeJk
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 08:03:19 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-TlXZ9VsS3Uc0b2TpSrT0&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 28 Mar 2022 08:03:19 GMT
rum
dsum-sec.casalemedia.com/ Frame 63AD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkFrxxCBWadtG-rjpQt6kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGN-Yq8IBMAE&v=APEucNX1aE_QO08FFNH2AtwMDqHZ_5SbBuHtW_Vrcxk9ssMJKFvkuKInh2FqMNTLgHcnyYOXT15EJINhVqEM3mcla5Z8ji2Q8tnAcAAI4G-rBqQJb_sz-AeJd0789Y3J6qyIKb4FoMjfCdnvbM2dDEurqmozn-txVoUwVN7FzlkwEgxjCB1qeJk
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 08:03:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 63AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHxRTTYIMV401_eY60t-QF0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHxRTTYIMV401_eY60t-QF0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGN-Yq8IBMAE&v=APEucNX1aE_QO08FFNH2AtwMDqHZ_5SbBuHtW_Vrcxk9ssMJKFvkuKInh2FqMNTLgHcnyYOXT15EJINhVqEM3mcla5Z8ji2Q8tnAcAAI4G-rBqQJb_sz-AeJd0789Y3J6qyIKb4FoMjfCdnvbM2dDEurqmozn-txVoUwVN7FzlkwEgxjCB1qeJk
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d691886-997f-4000-a689-123966c2e9be
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHxRTTYIMV401_eY60t-QF0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGN-Yq8IBMAE&v=APEucNX1aE_QO08FFNH2AtwMDqHZ_5SbBuHtW_Vrcxk9ssMJKFvkuKInh2FqMNTLgHcnyYOXT15EJINhVqEM3mcla5Z8ji2Q8tnAcAAI4G-rBqQJb_sz-AeJd0789Y3J6qyIKb4FoMjfCdnvbM2dDEurqmozn-txVoUwVN7FzlkwEgxjCB1qeJk
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
02d434f2-89d9-432b-9efe-eff6d6d52d1a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 57D0 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLKlPGo4-7dA-73YQtPvLn5KXv8nDnJ9lDyeDayXrWUT1WA8giZse384G8hUyB0ZTdJisDgB4k0quS9-R4Vvh0OgBUPRV8X1IO3rSBGkI35zYrhuod9lq1BQMCq6M1rObSIBKnBLD9QPYSpM99S2FmEvobcw&cry=1&dbm_d=AKAmf-AdjBiehBhlrAgH7MFfWvb7t4DvuvycrzPKEDHW5c4x62O_fmbvgKv00lZ4JxWMsgfNBZLPzm4RWgFzc-ueLavv1sB1ukTuv1LodP7uxv_kcha0Gx9ymjV_4SqNLfWkp6cU_D4szshw1oivBTHMhmobg0rqIFyQzBE03eZ_1DgUA5Uaw7NWWDp5wqUJDIEFtFPxBAsXE5i8ddF17Ejq9QFuk0tZORnH_7cCBxJ07MkWTO5OJskSBQwQDPOD2fLlbikBO99eoCjfJRl0kCXBVP4otL2ds_NZEczXgTwY-pex3Ze7rlQV39xMYRhJ2RjHkIduyVjLLw9eFXu8Ljs6p8fzXMsFvSynrjMjg1K-kk0H23umxfM1SZldO709xNCHunKVlknAYO_XhqF0PMvli6AWYN8sHD2wnmUeRmdqw3GPNXzPL9DuoxDdn0w1ceL7uiAkpH3z36guC8GcdMd0a64RlFMRpHvmzT1ZIjjYIMFS_lKRcTqg1FJb3N1fauFejJB7qpw1qch09HvEfXBSricfv275RPlQn0I2cCPOJHT80EyX5I9W5-Lho-FT12dMG0RjlnECYQ7myCx7LJO7C5E9WCENibo5NMUIdNqNywo7sVjqyBkaFncwI2SKztN5JngRCUwfJeGqbnBeXhqxxcvMZi6Qkz9h1mLWdym54ZacbWRHUlXDJDIGYGMlYpy_MzxX2D3o2AYjWThasRDkV-hT6UISc0OFT1pSWJ45iK1vegBQtL31CGJglawGwbIkwp-0GWqAzUSp1A1FD0jQuWXdKYTggIq22bYzgRkPrEejVByWcuCg6RwnhnHGaFnUNKCb-IwYVdyA7cfNG-gmd_4OX8ZiPaUmMaR4VJgKCTkOdL6JNqhtVtoZDGHtXpD1mNutfOnc84VWLIGE6rpIXBDSmZOgEDgEI1jW6_3rKBdxsPPiZAhKySoQNJ85vbJaiIxYJ7G5Sk2s2BtZ9wdYh9-Fs8dBy5s6r2GMTFArTg54KavCpEXQ7BTSr_ioTWdEMAUHdoe4h74PchYtF39Uj_B8gddFdOad-0WCLmAisFl_C7ZXa6QA93JJwegd_HGMYLlNWYZ0mtTrsrUDhaj0VkP9RfFT5IW8YpTH_-tHm5wNGarbh6A4ht1vV2lAZmGCpLuw3QrW9GzorjcJsAuZRzP5gSSP4LfAP1lXdG0G80BzDjJwgB1fm4rIih19d6NEmoC5LovZXcBIJqxnNW0o3eh71_XoaMRhnm0A4l6mXIZHKIF7DWoTueZacYih3-2YoY9PH0Z8HnO3NI5iXgvB812KLe364v7Ln9SpcWoJUiOP9BBYL_wrPMi7VTDg-VZph57F--LhJ-9T5fFqgIjGMgriPslzgwX8F15Pgjj16LJIZ30aIHWR5zdpfNd-uslRuuEpjXFKNEXBwb0sFSIggi6NRGLQoA6hTMepDAGm7GHJPZEzUgl558oYWVjmrxn5RmUaj8T7PZdUWjNygrsfy9HpYxTOgHkli7mvsbEoMD9tQSOrU4DMGeulLPwTJp1XV2jSxxv0KtIYqQs9WbznU5R-J9rgts8MtgqitcEOCuxrpdTGlG1MxXF1EdRrqNJUVO8UqWWDA8qYT611k8bMTJaCsn8EFSCA00bC1CBe0Ci6RCp81zWZKWtAr3FFALL7nDLJ0HdXUbfAvWcULRyH7-5Z01-rlFTf6UBv835lqPu9QOHp8OPA81VYeYc-8bNAiLZQ9vSv_VTElGLgZ5pqiPY_c340PWMTiox9AoMOioXYYSKylr7xZO8UhJTJNFzTUaHx6YRiLWuhNFeq2omsdKaNnl2wixd9ngeFYjyPM6xuJGFPyHrxRWn8F__P00hHykApTB0mn891_S73h0ew5DUSBf4NXOnmVjZ_RAWbH_7X933RDIiQZKVxlhYXug953GcUn2sOD81nDppPFeMTe3-oMLLP3PWRpCfJfT8MCYSsldNW1sZvV6PBkdYpRLXDBov9WMN9XiXWoHTXniwELVRMP29Gewk8uPf6sSizfyAm1HNjmO5jUbsLk_8kihTyi_xKwLoWH5q51F_Aj1SvQHBTIiJRJw5p4k9K4WnbFkcaB57xhVKX_LfL1rKV4dLV7QMZiDP2UTR4k0WjRh65sT4uaUEfym-lFVy4uf2hp_fkX-ihPOEWjn21_jS7F6cDFA_HhTmbqSTrr0oJDqujxqwexA68B9spXZ0t_LfUTbPHeO6T9_IvPcu-FDBfjFG82QzcAY6G_qQFyaVtX_A4LgqcHuqto6dUP_qCSKWiCFArv3rEBnsn6iSSGKR_v-5ogOjbKoyqw4O_ND2dICKmfBgC3vk3rWlIPukxiFWw6yMLfD5i2nTn8pgz2h9Yzo_K0SGQltRaJq10lSbi_y4LQze3uKHVG8NYFHoe2djnxfqeFSDFKf8QtQHXcqFE66qZDf5nqlaBNFVYM0-npcmNtw5G2C5t284fuQlX5xFwxK910YMae2C4Cfq6e6-_uLl6GgIJEgAcyQOO8db8dV3gp3LDGhChXMljJkAT22fWHvguQu7kMeZoWw0PQMhLUGXNciMLKfh0dvJEcP6ESzhAIZnDIJ9eotG38_faybuijhHhQTpGMx1JQfvCV9GSGllWwAc9hovFLKlXbi4GawSPVODYmel0UBflhNM1k8b0zSraJ04lo1H6stAXfWSED4pYiz21U0b5pBRjgZoG18QEveis60Y535M8uMN6oP7tzzUoIMrN28opX2WDcEIUCdzBoz4sqdXKgkSzWcaQrzSF11OlNCy0h1-kaKvuj5Y8iR40kio64aKuuOvXIqyi5LcNcvMYg8hu_orOitRDwamWZU0QIPvJmadEWue5V9w1pZPCQSjJBB7_lida39K61Gb3D3Oxl6AbXLMN63R34vnnilNWwef9ZDdKzK7Deu_yhcbNLEjzw-IpRXJuaCwZeDLNKwnmmcWwVCA12YGLk8YRAeELH9UjEIZJyaoLK3Sw4entgXxnF0zEBmGrem-tzkfr085PynNk7CWHzm0te-QdR6vKjJSKLcH8K3aWBCAF856_pzGxcUQBFS58COq9rBEaEgztykqbqFIBX7j9S94kX1hGX1rie7dL2oTaDO9tnaihJNRQ8mvz5-Beycp-PjNWgnxy4igy85rs1aQ9HWDK1H4sLIgIn3pVWT1Yqhp_qlj1OjCZGDw8OQyvTSudy_WePPsuRApB&cid=CAASJeRoecDFDfXM9Tt6UGPIewrB1k5ak2TmYcRw0ZV5_ii-ZJN2AWA&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:59:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 57D0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLKlPGo4-7dA-73YQtPvLn5KXv8nDnJ9lDyeDayXrWUT1WA8giZse384G8hUyB0ZTdJisDgB4k0quS9-R4Vvh0OgBUPRV8X1IO3rSBGkI35zYrhuod9lq1BQMCq6M1rObSIBKnBLD9QPYSpM99S2FmEvobcw&cry=1&dbm_d=AKAmf-AdjBiehBhlrAgH7MFfWvb7t4DvuvycrzPKEDHW5c4x62O_fmbvgKv00lZ4JxWMsgfNBZLPzm4RWgFzc-ueLavv1sB1ukTuv1LodP7uxv_kcha0Gx9ymjV_4SqNLfWkp6cU_D4szshw1oivBTHMhmobg0rqIFyQzBE03eZ_1DgUA5Uaw7NWWDp5wqUJDIEFtFPxBAsXE5i8ddF17Ejq9QFuk0tZORnH_7cCBxJ07MkWTO5OJskSBQwQDPOD2fLlbikBO99eoCjfJRl0kCXBVP4otL2ds_NZEczXgTwY-pex3Ze7rlQV39xMYRhJ2RjHkIduyVjLLw9eFXu8Ljs6p8fzXMsFvSynrjMjg1K-kk0H23umxfM1SZldO709xNCHunKVlknAYO_XhqF0PMvli6AWYN8sHD2wnmUeRmdqw3GPNXzPL9DuoxDdn0w1ceL7uiAkpH3z36guC8GcdMd0a64RlFMRpHvmzT1ZIjjYIMFS_lKRcTqg1FJb3N1fauFejJB7qpw1qch09HvEfXBSricfv275RPlQn0I2cCPOJHT80EyX5I9W5-Lho-FT12dMG0RjlnECYQ7myCx7LJO7C5E9WCENibo5NMUIdNqNywo7sVjqyBkaFncwI2SKztN5JngRCUwfJeGqbnBeXhqxxcvMZi6Qkz9h1mLWdym54ZacbWRHUlXDJDIGYGMlYpy_MzxX2D3o2AYjWThasRDkV-hT6UISc0OFT1pSWJ45iK1vegBQtL31CGJglawGwbIkwp-0GWqAzUSp1A1FD0jQuWXdKYTggIq22bYzgRkPrEejVByWcuCg6RwnhnHGaFnUNKCb-IwYVdyA7cfNG-gmd_4OX8ZiPaUmMaR4VJgKCTkOdL6JNqhtVtoZDGHtXpD1mNutfOnc84VWLIGE6rpIXBDSmZOgEDgEI1jW6_3rKBdxsPPiZAhKySoQNJ85vbJaiIxYJ7G5Sk2s2BtZ9wdYh9-Fs8dBy5s6r2GMTFArTg54KavCpEXQ7BTSr_ioTWdEMAUHdoe4h74PchYtF39Uj_B8gddFdOad-0WCLmAisFl_C7ZXa6QA93JJwegd_HGMYLlNWYZ0mtTrsrUDhaj0VkP9RfFT5IW8YpTH_-tHm5wNGarbh6A4ht1vV2lAZmGCpLuw3QrW9GzorjcJsAuZRzP5gSSP4LfAP1lXdG0G80BzDjJwgB1fm4rIih19d6NEmoC5LovZXcBIJqxnNW0o3eh71_XoaMRhnm0A4l6mXIZHKIF7DWoTueZacYih3-2YoY9PH0Z8HnO3NI5iXgvB812KLe364v7Ln9SpcWoJUiOP9BBYL_wrPMi7VTDg-VZph57F--LhJ-9T5fFqgIjGMgriPslzgwX8F15Pgjj16LJIZ30aIHWR5zdpfNd-uslRuuEpjXFKNEXBwb0sFSIggi6NRGLQoA6hTMepDAGm7GHJPZEzUgl558oYWVjmrxn5RmUaj8T7PZdUWjNygrsfy9HpYxTOgHkli7mvsbEoMD9tQSOrU4DMGeulLPwTJp1XV2jSxxv0KtIYqQs9WbznU5R-J9rgts8MtgqitcEOCuxrpdTGlG1MxXF1EdRrqNJUVO8UqWWDA8qYT611k8bMTJaCsn8EFSCA00bC1CBe0Ci6RCp81zWZKWtAr3FFALL7nDLJ0HdXUbfAvWcULRyH7-5Z01-rlFTf6UBv835lqPu9QOHp8OPA81VYeYc-8bNAiLZQ9vSv_VTElGLgZ5pqiPY_c340PWMTiox9AoMOioXYYSKylr7xZO8UhJTJNFzTUaHx6YRiLWuhNFeq2omsdKaNnl2wixd9ngeFYjyPM6xuJGFPyHrxRWn8F__P00hHykApTB0mn891_S73h0ew5DUSBf4NXOnmVjZ_RAWbH_7X933RDIiQZKVxlhYXug953GcUn2sOD81nDppPFeMTe3-oMLLP3PWRpCfJfT8MCYSsldNW1sZvV6PBkdYpRLXDBov9WMN9XiXWoHTXniwELVRMP29Gewk8uPf6sSizfyAm1HNjmO5jUbsLk_8kihTyi_xKwLoWH5q51F_Aj1SvQHBTIiJRJw5p4k9K4WnbFkcaB57xhVKX_LfL1rKV4dLV7QMZiDP2UTR4k0WjRh65sT4uaUEfym-lFVy4uf2hp_fkX-ihPOEWjn21_jS7F6cDFA_HhTmbqSTrr0oJDqujxqwexA68B9spXZ0t_LfUTbPHeO6T9_IvPcu-FDBfjFG82QzcAY6G_qQFyaVtX_A4LgqcHuqto6dUP_qCSKWiCFArv3rEBnsn6iSSGKR_v-5ogOjbKoyqw4O_ND2dICKmfBgC3vk3rWlIPukxiFWw6yMLfD5i2nTn8pgz2h9Yzo_K0SGQltRaJq10lSbi_y4LQze3uKHVG8NYFHoe2djnxfqeFSDFKf8QtQHXcqFE66qZDf5nqlaBNFVYM0-npcmNtw5G2C5t284fuQlX5xFwxK910YMae2C4Cfq6e6-_uLl6GgIJEgAcyQOO8db8dV3gp3LDGhChXMljJkAT22fWHvguQu7kMeZoWw0PQMhLUGXNciMLKfh0dvJEcP6ESzhAIZnDIJ9eotG38_faybuijhHhQTpGMx1JQfvCV9GSGllWwAc9hovFLKlXbi4GawSPVODYmel0UBflhNM1k8b0zSraJ04lo1H6stAXfWSED4pYiz21U0b5pBRjgZoG18QEveis60Y535M8uMN6oP7tzzUoIMrN28opX2WDcEIUCdzBoz4sqdXKgkSzWcaQrzSF11OlNCy0h1-kaKvuj5Y8iR40kio64aKuuOvXIqyi5LcNcvMYg8hu_orOitRDwamWZU0QIPvJmadEWue5V9w1pZPCQSjJBB7_lida39K61Gb3D3Oxl6AbXLMN63R34vnnilNWwef9ZDdKzK7Deu_yhcbNLEjzw-IpRXJuaCwZeDLNKwnmmcWwVCA12YGLk8YRAeELH9UjEIZJyaoLK3Sw4entgXxnF0zEBmGrem-tzkfr085PynNk7CWHzm0te-QdR6vKjJSKLcH8K3aWBCAF856_pzGxcUQBFS58COq9rBEaEgztykqbqFIBX7j9S94kX1hGX1rie7dL2oTaDO9tnaihJNRQ8mvz5-Beycp-PjNWgnxy4igy85rs1aQ9HWDK1H4sLIgIn3pVWT1Yqhp_qlj1OjCZGDw8OQyvTSudy_WePPsuRApB&cid=CAASJeRoecDFDfXM9Tt6UGPIewrB1k5ak2TmYcRw0ZV5_ii-ZJN2AWA&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2023 15:10:47 GMT
truncated
/ 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		192 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
dinroundpro.woff2
kolobok.ua/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kolobok.ua/fonts/dinroundpro.woff2
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834

Request headers

Referer
https://kolobok.ua/css/style.min.css?8
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:04:06 GMT
last-modified
Fri, 07 Dec 2018 07:55:56 GMT
server
nginx
etag
"5c0a278c-8a10"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://kolobok.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
35344
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
servedby.flashtalking.com/imp/1/170420;6331246;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360728x90Kervin/ Frame 57D0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/170420;6331246;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360728x90Kervin/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kolobok.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkolobok.ua%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=609114.5582319482
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app2.lhr11 /
Resource Hash
8096f04e7e98dfc530ed79336d5b64bab69ac30bfefddda6bc12de3baddac5ae

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
prod-xre-app2.lhr11
X-HW
1648454599.dop215.lo4.t,1648454599.cds248.lo4.shn,1648454599.dop215.lo4.t,1648454599.cds006.lo4.sc,1648454599.cds006.lo4.p
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1471
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E65B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMbBvboiY-VKJaTHZPGQmNsF-LClaPAlieXRXiXVGpzB2LG3MmmMCi7XvQ60kt6mrPxQcZPRNX8cstkkRqZhChrueuM8UMsqvwxDV3Dll-99u4ozQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame E65B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=24745814&cmp=27440817&plc=331084922&sid=4007930&aufilter1=1819931&prr=1&ppid=103&autt=1&auevent=ABAjH0jeXgiGL2xfY0RuUUj-jfDk&c1=1819931&auorder=27319051&aucmp=16554449236&aucrtv=413083350&auxch=1&pltfrm=1&ausite=266259341223&turl=https://kolobok.ua/&aubndl=&dvregion=0&unit=300x250
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:494::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 09:42:27 GMT
Server
Microsoft-IIS/10.0
ETag
"95ce63d2d032d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
dvtp_src.js
cdn.doubleverify.com/ Frame E65B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:494::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae9d517b524b7ab6eee037b323de049b49944e62d9cf213b69169c68e0f3d0e5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Mar 2022 05:41:02 GMT
Server
Microsoft-IIS/10.0
ETag
"02bd0686642d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3302
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame E65B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:57:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E65B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame E65B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:02:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8BDE 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8Y1s38xAEwAQ&v=APEucNXqo81eH1TdpIPHjqX5OgyELLfwUzZGZ20-xQkXPBknVJNJlfpmGtwRBe5XjJmQfWHujH5pvRzZbK3hWwO8FLP7em68lf7JvB8aB_dV52TMeoOW54Hw-AogkWnz0ZqlLpUD8lagPWw78aWx0bcsHtMFyu8YgoIUrHbO8Yg1HeRO2YY2xxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 28 Mar 2022 08:03:19 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E65B 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIvZodBRfnZq50dUCqGA2ehGbaJR2UyRM67weqdXIVQ7TuNqu-vbomOR-s0rn8NeXlpzc6Hw0EjpxH1NdwC65bbCnPlHEY1Jfrlt5ltZ3tWfNAbWgJqDC4BM1B1d-UtgZO5rRaj6K-_NnJ9Y-QBn_qiND-Tg&dbm_d=AKAmf-BYyU4DiXGLJdBS34XItDAswacawaWuLngd_heWydj4oirOpkbEDKMaEUX29noWdrbI_j_sQ2ypM9RvostLkI__8HajLmLhCk2i4UbBYrr-spe3k5t8KhRz_JN_ZCxXyg04ePOzun5UN1I1oDTgHTI5bI3snWmkVokdckC8Xc7MRR_i9x50mVIkVDxnTyWtT6wL3ud3tKp2mxCQaTPx6Kq5YWRjKTeis6t7iswFTkL-jrce60YXO-gOdyxMV7vmVppwtc7aO_tXZNPVEEVcuR7dxWLyTdssZzboFbTulp3w8SdJni1OwLT91xM-Zpm80jHcV8yJOd6WeQO5fTqg4kJdbKsDo0qge5dPjisum63QbJdyyawA0LWHmXmUTTynZPp3uJrcoalfA9zInrl5BbnLSevrg8CzkKfNxGfsMT90aiPjUQXobZ5dVfIBB7JvKVrXq0uyWDr5gJkGdRIXn-dgG7JOr8dQVuDRZ_AKQuepML7NGC-nhCISJ4ecRTfMAHBNpzfU_uFY3jpV4nxYX99YlSCmWTU-9Bgb8P1wUBkDLcW9OfVnqfiVGzJYDADkUP-GN4Z0vIQ0twauczhifVBrpjfDt3hwngF8iH9d-yy6lQEayeG_w3w6dCSsFZ77ZuptKkIRTWpuMZ48SuvoChDeeMEKD5h3YCisEEUkTyRs2vrwWA1BRXXrwFohHQVgnlHaRYXdYhIzFmHFNJTCyZ-UGHX7bDrCkokSr3XiI3H_lHlQCJQVgHJY9Xn5Ij4hSscZQLrRJ0ccG8zM42P2Xcn45fT2lUy4gPSZWG73JMzgRzhjgDZdX4NNTAhq477P72i3zGwAv4qgN2yT817ySyBVqaU_jA2jClRBJ-yDHPLPC2-1T5cthDRmC7qmM3j6CcreeRAOy9DqYixGgjYI-Wz0a5gcuN2IP1pbVyAUeEgkS5BWadWm2jCtcXPyMQGIHv0Is9lclfv4L2khEiMmU6QQmG77DCyxtP04BudMFz5pryehghrtTKMtU6xRJy-LzFkRXtqbIjI4542zIYhws4KAbFv5AldqmnhIJGp2EBGxoftq5329b3Jz6kWtMhzDki_3vWBDe1VpnU-Tzs0P28IHp5QJuAOgJ66lZI-duMO-nD2c0OI94gb1p2miiiRm-0jY6BePHEgSIo6ADDL6j3bWf4nYj2X1ufyYGOq0qVWDpT2iMl2MDyW7WX6FSdozTQI90HsCbkuNsKYnWYKbZ7ykGx4y0rYUsybK9rI3R9DxltdSGjPDdcCv5I5lPi1ffscQrPy1pDYqR9iOf7SmBReJA6W2-YKd6Ap80iOuDVoZ4cSHXy7PnTlei_-VXBtTp9PA8htT9xlN5sHX3P18TaQtNbaGYm0qSLvP6r3gXj_wcNfrw4BpPt7GJC2PVk-EwtUZSOJflhQex2Rb0iuKpGJrTywGkCAM9Yt6dQVBM27FGhts1Rh9HZDdGy2078t9CIuQecanyKZWVas7drcTMQKcJshWK4NltH9K7SyXgPuQjAtXRxWxfHzMVRKAofJLzDIzifxtG5W_lXna8lCJ2Wo5xDS72LiSdeum__JY86LZp2WEcj3YW4A6oRnnN6PP1F9FLUz3BjZnNvS792dHq1jLe0MEqM8s3lThFGT92Bx692rFqg0XN8daclV5cBH8X54h8gvsU9n0OyQ0Jwx1o2eMtbyr323Ykwj6RlWjSawRLa9w2PHSgaEOXBUB972Z01QA8XbrGkFbEOHWlk-Oq-wazX9IMCx7BNYN4aOjY89fyfhMnmnSy5bGnLDzUHMOcrRZnQbgtnwKa0VsU8MOhqa9KyX5YFf_GPqU1IcdUofoLbWYY2I7SEgFHbNVeq-7PLmKmQdqR6yl0GrjBt4OiAsCB-fcsvd2i0yxzeTMYF5GFL_QhPD76l6z80hMi-qrXoPF_-cRz2v7GRAhW2BQDGmHj2ofR1IQ1CtdxYya7uV5NQFewHB9FCWc6mn3TRnade7ZbF1tkvgr2ZpcsUm0oudpqWHSblaMFqkKJvKuS3Ug3HeEfOEzI7W5qdYXVfkPZwz3oK0G1TqLfMmPVr2bmtJkSfEPEK4Qg4HLz6DL3enC2Y1nAIbrmQ01tMaZUQkm-Ne-Or7F6vGTQQVk_Jn4R28JxsQBPcsFffRkMrijpemBftJgaInK3OnMwaDqdmCXS_Ln44J08GCSv54flpxqEvScLD_CqmHTrKH8d8bJYmyR8YvNinF0ve2DxCtAKiVXp0lWejCSa1cq44pKI8Xc_SNcWgqO6zXaSNjFW1TwB-nWXhnEWoYpCtR2i60QvP1eeKE4cakpPtyCf5nCwqBBROVySO8BX4bCmziDJIZVHQTSXHScyoiHEx2tszOGyiHVLsjdYm7ixTXxlJ0Qb5-P0U_yZrfJk6pagyagcBXVcBqXhUcnOmvG07wfGl0CvHjX5Ewljkaj0DdaJLzcjumVT6t1JyiPmTjF6GzMX8NTrkeoUdEhLdnD9TJxEuJQ_wEUsEO9nzOmF4-s2DcxVNg-Uxa3yt-YhL-axMp27qGRb39s9kd-lh3nlwRu87eA1O-Nqrfhl1_ln32wYN1wt0bzUiTCD7bQTn4_Ar3HOg33waLoIWLkZu4ZcQzisQheHWqtU2qDHtvEeoj9T_tyYHIPjCnr-5c17Q&cid=CAASJeRoRqhwUOWhuWwV23AvExdQKfi3g0gZNOEPA5ALOBggoc_sCU4&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5620d24ae7eafd480b2f5b26c26e63e1fb4c3f88d8201bfe8a4d4066bd113ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10744
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 40DF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Mar 2022 09:34:28 GMT
expires
Fri, 24 Mar 2023 09:34:28 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
340131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame 8BDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyt-4OQUsJw-fiLOn1yxWQ&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyt-4OQUsJw-fiLOn1yxWQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8Y1s38xAEwAQ&v=APEucNXqo81eH1TdpIPHjqX5OgyELLfwUzZGZ20-xQkXPBknVJNJlfpmGtwRBe5XjJmQfWHujH5pvRzZbK3hWwO8FLP7em68lf7JvB8aB_dV52TMeoOW54Hw-AogkWnz0ZqlLpUD8lagPWw78aWx0bcsHtMFyu8YgoIUrHbO8Yg1HeRO2YY2xxA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 08:03:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFyt-4OQUsJw-fiLOn1yxWQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8BDE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkFrxxCBWadtG-rjpQt6mQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8Y1s38xAEwAQ&v=APEucNXqo81eH1TdpIPHjqX5OgyELLfwUzZGZ20-xQkXPBknVJNJlfpmGtwRBe5XjJmQfWHujH5pvRzZbK3hWwO8FLP7em68lf7JvB8aB_dV52TMeoOW54Hw-AogkWnz0ZqlLpUD8lagPWw78aWx0bcsHtMFyu8YgoIUrHbO8Yg1HeRO2YY2xxA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 08:03:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ68tL54VOKxEPydIh5iRWY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8BDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIXJZMp_eNZ0wN_ogDwidU8&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIXJZMp_eNZ0wN_ogDwidU8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8Y1s38xAEwAQ&v=APEucNXqo81eH1TdpIPHjqX5OgyELLfwUzZGZ20-xQkXPBknVJNJlfpmGtwRBe5XjJmQfWHujH5pvRzZbK3hWwO8FLP7em68lf7JvB8aB_dV52TMeoOW54Hw-AogkWnz0ZqlLpUD8lagPWw78aWx0bcsHtMFyu8YgoIUrHbO8Yg1HeRO2YY2xxA
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
571ac53d-4fb0-4e40-bc61-9a7d00da5086
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIXJZMp_eNZ0wN_ogDwidU8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8BDE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8Y1s38xAEwAQ&v=APEucNXqo81eH1TdpIPHjqX5OgyELLfwUzZGZ20-xQkXPBknVJNJlfpmGtwRBe5XjJmQfWHujH5pvRzZbK3hWwO8FLP7em68lf7JvB8aB_dV52TMeoOW54Hw-AogkWnz0ZqlLpUD8lagPWw78aWx0bcsHtMFyu8YgoIUrHbO8Yg1HeRO2YY2xxA
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:19 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
87aea320-a17a-4532-b32e-c0e795631949
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 08:03:19 GMT
expires
Tue, 28 Mar 2023 08:03:19 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=TURsMlhGNm1MTkhFUWdDMVluQU5MK0ZOdG5MVXI0SWdyRmR1K2tWeGNRWmlEbmtUUytVdGhaQ3hncmRuU3d2ZjNhbkFNVmtFaW80RXY0QmovRzEvU1l0L01PT0JTTzlxQkpNeFh0Rzk4Q3I1d1JSYnVpZllWbkFrN3ZaNkxZY24xWEhDUW1hR1RId3BGeW90WWM2T1Q1cWc3OUZpL0lEcmtyMFdUc29zL3ZWNTJKeW9XcSs3M0xoWTg2Wml5c1ZFY2VrWDJZMVJYcHZ6MnQ3Nkx5bi91QkI5dk85SHV4ZFExVlQvNlUxN2lyQ1ZBbkNLUjdUYWF2R090RVRSaWdDMQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 1962 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
571973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1962 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
571973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1962 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
571973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1962 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1962 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
59944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
css
fonts.googleapis.com/ Frame 1962 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 07:41:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Mar 2022 08:03:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Mar 2022 08:03:19 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1962 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 18:06:10 GMT
x-content-type-options
nosniff
server
cafe
age
50229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6726277462267614359
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Mon, 28 Mar 2022 18:06:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1962 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
54254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 28 Mar 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame 1962 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReA3e_9eu6JBmHnGKil5KIX7b59sUQnSBRaPvqj9NyYJiDxdVt3RBt518P-nEH9oAd3yexq4FIjQhWfdfoxBMiEVsLAQ
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
B23784885.268260135;dc_pre=CPXX6Par6PYCFWWTdwodIIUFSQ;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 1962
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23784885.268260135;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23784885.268260135;dc_pre=CPXX6Par6PYCFWWTdwodIIUFSQ;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23784885.268260135;dc_pre=CPXX6Par6PYCFWWTdwodIIUFSQ;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23784885.268260135;dc_pre=CPXX6Par6PYCFWWTdwodIIUFSQ;dc_trk_aid=462996370;dc_trk_cid=102117753;ord=1739304401;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1962 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-Frfx2tBYsKsGtWRrATC3pzwAYmV7Ylp3OK4iOQKwI23ARABIPuf_GJgu76ug9AKoAHv9Y7bA8gBCeACAKgDAcgDCqoE3wFP0L2O3Y-_Bf3CAs88Ex4VwqpCKWmmaoWu8KKUV0HDxYvB2tZG3osripdCsFaoIOS6S3mIo7m_Z9Ttr3_e4eC4noHUympObIwwUXLTVZ7EluE9V0FLZEr_Cmw_5IvrOgUlihP8gY8DCBIlyD4BHnhxbE78yXSd903ENv63oXOc1OLhXoZvvv6NmsDMENpLHVr0oFRa-ZiJjB-dgb9vQ96mzSExHX7AcNwZuQPmPax--RCIVb8RTX0jKuaCllXcQ_K0g8avN_-DQdisuxTeD32IwYRLykSpI0m55WQhsrV0wATtoa3ktALgBAGSBQQIBBgBkgUECAUYBKAGLoAHnrabKagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIqlNNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTU4OTQ3MDU3MTg3MzM1OYAKA8gLAbgTiCfYEw2IFAbQFQGAFwGyFx4KHAgAEhRwdWItMzE5MTI4OTg4MjA0NTE1NRjNnms&sigh=yscCGOGXxqs&uach_m=[UACH]&template_id=5000
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=WHBpcHlYK2d2aTR4NjUzcTFZaVY3VXMyTzhxYURCdXNLaDlzYkhoSCswREV2a09YSy9UL3J1dUwxK1A0VWVKTWlkbHY0VnF3dVFWc2NCb2M5UUlERTUzM3NZazVVZUE1d051SzBBOGd6eUtJdWgwYlg3NnBlakkvR0ZlRnFwT0hOdUxJYmNjMDBQY0VDUnp4Ukp1cnIydTFVcmYzYjY0SmF4dlV0ZjVWQVQ3TjhQY2ZBMkMwQkZRb0F1bkdGd1o1eDBROEtCZ3hUNi9wVHN3c0hKR2MxUUdIWk9jNGMzeHNyRlpzZmhUcVlOUVRvOFNxMG9Lb1RlWDcwanpHemVzZg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E65B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIvZodBRfnZq50dUCqGA2ehGbaJR2UyRM67weqdXIVQ7TuNqu-vbomOR-s0rn8NeXlpzc6Hw0EjpxH1NdwC65bbCnPlHEY1Jfrlt5ltZ3tWfNAbWgJqDC4BM1B1d-UtgZO5rRaj6K-_NnJ9Y-QBn_qiND-Tg&dbm_d=AKAmf-BYyU4DiXGLJdBS34XItDAswacawaWuLngd_heWydj4oirOpkbEDKMaEUX29noWdrbI_j_sQ2ypM9RvostLkI__8HajLmLhCk2i4UbBYrr-spe3k5t8KhRz_JN_ZCxXyg04ePOzun5UN1I1oDTgHTI5bI3snWmkVokdckC8Xc7MRR_i9x50mVIkVDxnTyWtT6wL3ud3tKp2mxCQaTPx6Kq5YWRjKTeis6t7iswFTkL-jrce60YXO-gOdyxMV7vmVppwtc7aO_tXZNPVEEVcuR7dxWLyTdssZzboFbTulp3w8SdJni1OwLT91xM-Zpm80jHcV8yJOd6WeQO5fTqg4kJdbKsDo0qge5dPjisum63QbJdyyawA0LWHmXmUTTynZPp3uJrcoalfA9zInrl5BbnLSevrg8CzkKfNxGfsMT90aiPjUQXobZ5dVfIBB7JvKVrXq0uyWDr5gJkGdRIXn-dgG7JOr8dQVuDRZ_AKQuepML7NGC-nhCISJ4ecRTfMAHBNpzfU_uFY3jpV4nxYX99YlSCmWTU-9Bgb8P1wUBkDLcW9OfVnqfiVGzJYDADkUP-GN4Z0vIQ0twauczhifVBrpjfDt3hwngF8iH9d-yy6lQEayeG_w3w6dCSsFZ77ZuptKkIRTWpuMZ48SuvoChDeeMEKD5h3YCisEEUkTyRs2vrwWA1BRXXrwFohHQVgnlHaRYXdYhIzFmHFNJTCyZ-UGHX7bDrCkokSr3XiI3H_lHlQCJQVgHJY9Xn5Ij4hSscZQLrRJ0ccG8zM42P2Xcn45fT2lUy4gPSZWG73JMzgRzhjgDZdX4NNTAhq477P72i3zGwAv4qgN2yT817ySyBVqaU_jA2jClRBJ-yDHPLPC2-1T5cthDRmC7qmM3j6CcreeRAOy9DqYixGgjYI-Wz0a5gcuN2IP1pbVyAUeEgkS5BWadWm2jCtcXPyMQGIHv0Is9lclfv4L2khEiMmU6QQmG77DCyxtP04BudMFz5pryehghrtTKMtU6xRJy-LzFkRXtqbIjI4542zIYhws4KAbFv5AldqmnhIJGp2EBGxoftq5329b3Jz6kWtMhzDki_3vWBDe1VpnU-Tzs0P28IHp5QJuAOgJ66lZI-duMO-nD2c0OI94gb1p2miiiRm-0jY6BePHEgSIo6ADDL6j3bWf4nYj2X1ufyYGOq0qVWDpT2iMl2MDyW7WX6FSdozTQI90HsCbkuNsKYnWYKbZ7ykGx4y0rYUsybK9rI3R9DxltdSGjPDdcCv5I5lPi1ffscQrPy1pDYqR9iOf7SmBReJA6W2-YKd6Ap80iOuDVoZ4cSHXy7PnTlei_-VXBtTp9PA8htT9xlN5sHX3P18TaQtNbaGYm0qSLvP6r3gXj_wcNfrw4BpPt7GJC2PVk-EwtUZSOJflhQex2Rb0iuKpGJrTywGkCAM9Yt6dQVBM27FGhts1Rh9HZDdGy2078t9CIuQecanyKZWVas7drcTMQKcJshWK4NltH9K7SyXgPuQjAtXRxWxfHzMVRKAofJLzDIzifxtG5W_lXna8lCJ2Wo5xDS72LiSdeum__JY86LZp2WEcj3YW4A6oRnnN6PP1F9FLUz3BjZnNvS792dHq1jLe0MEqM8s3lThFGT92Bx692rFqg0XN8daclV5cBH8X54h8gvsU9n0OyQ0Jwx1o2eMtbyr323Ykwj6RlWjSawRLa9w2PHSgaEOXBUB972Z01QA8XbrGkFbEOHWlk-Oq-wazX9IMCx7BNYN4aOjY89fyfhMnmnSy5bGnLDzUHMOcrRZnQbgtnwKa0VsU8MOhqa9KyX5YFf_GPqU1IcdUofoLbWYY2I7SEgFHbNVeq-7PLmKmQdqR6yl0GrjBt4OiAsCB-fcsvd2i0yxzeTMYF5GFL_QhPD76l6z80hMi-qrXoPF_-cRz2v7GRAhW2BQDGmHj2ofR1IQ1CtdxYya7uV5NQFewHB9FCWc6mn3TRnade7ZbF1tkvgr2ZpcsUm0oudpqWHSblaMFqkKJvKuS3Ug3HeEfOEzI7W5qdYXVfkPZwz3oK0G1TqLfMmPVr2bmtJkSfEPEK4Qg4HLz6DL3enC2Y1nAIbrmQ01tMaZUQkm-Ne-Or7F6vGTQQVk_Jn4R28JxsQBPcsFffRkMrijpemBftJgaInK3OnMwaDqdmCXS_Ln44J08GCSv54flpxqEvScLD_CqmHTrKH8d8bJYmyR8YvNinF0ve2DxCtAKiVXp0lWejCSa1cq44pKI8Xc_SNcWgqO6zXaSNjFW1TwB-nWXhnEWoYpCtR2i60QvP1eeKE4cakpPtyCf5nCwqBBROVySO8BX4bCmziDJIZVHQTSXHScyoiHEx2tszOGyiHVLsjdYm7ixTXxlJ0Qb5-P0U_yZrfJk6pagyagcBXVcBqXhUcnOmvG07wfGl0CvHjX5Ewljkaj0DdaJLzcjumVT6t1JyiPmTjF6GzMX8NTrkeoUdEhLdnD9TJxEuJQ_wEUsEO9nzOmF4-s2DcxVNg-Uxa3yt-YhL-axMp27qGRb39s9kd-lh3nlwRu87eA1O-Nqrfhl1_ln32wYN1wt0bzUiTCD7bQTn4_Ar3HOg33waLoIWLkZu4ZcQzisQheHWqtU2qDHtvEeoj9T_tyYHIPjCnr-5c17Q&cid=CAASJeRoRqhwUOWhuWwV23AvExdQKfi3g0gZNOEPA5ALOBggoc_sCU4&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2023 15:10:47 GMT
j-6331246-3451559.js
cdn.flashtalking.com/xre/633/6331246/3451559/js/ Frame 57D0 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/633/6331246/3451559/js/j-6331246-3451559.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/170420;6331246;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360728x90Kervin/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kolobok.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkolobok.ua%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=609114.5582319482
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d89758868d2d1c41a66fe09b0666b36eaa787081a7dc46073770ff9540718165

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 10:59:12 GMT
Server
Flashtalking (AKA)
ETag
W/"2bada6f5fc91079e606bfe12b1bb4645"
Vary
Accept-Encoding
X-Varnish
658437399 662017957
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
14533
Expires
Mon, 28 Mar 2022 08:23:20 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 40DF 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
dvbs_src_internal101.js
cdn.doubleverify.com/ Frame E65B 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=24745814&cmp=27440817&plc=331084922&sid=4007930&aufilter1=1819931&prr=1&ppid=103&autt=1&auevent=ABAjH0jeXgiGL2xfY0RuUUj-jfDk&c1=1819931&auorder=27319051&aucmp=16554449236&aucrtv=413083350&auxch=1&pltfrm=1&ausite=266259341223&turl=https://kolobok.ua/&aubndl=&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:494::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 09:42:39 GMT
Server
Microsoft-IIS/10.0
ETag
"80d16fd9d032d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18088
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E5DC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Mar 2022 09:34:28 GMT
expires
Fri, 24 Mar 2023 09:34:28 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
340131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
verify.js
rtb0.doubleverify.com/ Frame E65B 		1 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_357257747773&jsTagObjCallback=__tagObject_callback_357257747773&num=6&ctx=24745814&cmp=27440817&plc=331084922&sid=4007930&advid=&adsrv=&unit=300x250&isdvvid=&uid=357257747773&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0jeXgiGL2xfY0RuUUj-jfDk&aucmp=16554449236&aucrtv=413083350&auorder=27319051&ausite=266259341223&auxch=1&pltfrm=1&aufilter1=1819931&autt=1&c1=1819931&turl=https://kolobok.ua/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&prr=1&aUrlD=0&m1=13&noc=4&fcifrms=29&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tau&dvp_exetime=5.50&aubndl=&callbackName=__verify_callback_357257747773
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
69e3e2eea2a90e3801376c71e15c6e8c99bb1daa450036f7ca7c3091ac446583

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
0
Connection
keep-alive
Expires
03/27/2022 08:03:20
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=32016391-c510-4398-a7ee-c09e88869583
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=a075cdda-98ba-41a3-b223-8962ea9eb7f3
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
container.html
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 707F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 08:03:19 GMT
expires
Tue, 28 Mar 2023 08:03:19 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=MW1DdnIxeEpzU1RocjF6NG5kbldSSmpabFlRNGl5QXBVT0VvRlRqUlJnTmJRaDU2WEVVVzJUejN6WWV2ZjZidzc4U0ZWeTZiZnpycUNOa1M1UThUbFdUUWczRHY1VW1UR0FyT3dsaWdlSXRqQXpNdHorcm44NzNkTUVIU0hDRTRBZDl3WjVKRVRicnBDT0lHN2hBanl2Yjg2QXpldzAzSHVLcmxhZ0J3QUJOaHVmdDU4S0Q0d0pRZitCQndGR0JlQ0lXcjhPdHZVUnF5SzFuejRIU0VCQmJHaTlGVEk3d2xUR0EzQmtSb2RwUlBVQkpuQzlPVGdsV1FaeUhJdXg5OA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=8ea486a5-d161-46a5-a5a4-b1d24d77a9af
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=a7301a01-d6c7-4f7d-ad44-7c62c4e4eb59&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MC4zOTY1NDA3NQ%3D%3D&asign=-1353331082&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&crid=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&size=728x90&profile=45223BF7-5B11-417C-A48B-79F59E3A3175&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:19 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 91AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CN-VMx2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEgQJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfX364LDSHaFniYJBeVqGNhkyQ8VE7cTN_GXeuEibXYISpFU9fuqs-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEyOTA5OTU5MDE5MDU1ODgYu4l2&sigh=RdeDiZTscwc&uach_m=[UACH]&cid=CAQSPACNIrLMhyD6lHHD50wXhWm4pUMUoSYWptSl9nT0w9ij_Z0eQiDwNE4rcDHSaJwjCXomd3gK2oH9f26g1BgB
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 91AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UJrUEI-3E6IHtAGH-lcYAgAAAIHcRjU70m24EMZrQWKfygyeFoOo38gvsQAS&wp=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
server
Kestrel
server-processing-duration-in-ticks
314279
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame BFE1 		166 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
41762d462bdc307fc28ffca9ac5f9d02490a0f75836a24b0452308917710b594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rAmEDBpumL3e34KYBjMqBpK1yROJUanr3ENTZHqwZBGvcXhFz1q9Re34UWy5qVywJNbaMBjFcGHB2osL5BJMwImLJTJyz-FSqqj2wEALVBhYK4mm5nJGUOohqVVRhxNGqMOrOV0910hfL-hVDnoStWugYONpUxPSFGbdbvtnSlBKI2gSjtCwzQLP9h_rzJt4nyU96bhjG53tIwndmUZAkwlTo6FLRitNgGwvJZ75IAPOQrpmmWxWYIRmu3EG_6wZEICChw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
79112489
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 91AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:57:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EAD4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
7776
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91AE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:19 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 91AE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:02:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 91AE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5779956624927747495/ Frame 1962 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5779956624927747495/downsize_200k_v1?w=400&h=209
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe3f46550860bcf76984a397a672e53980e1f9f1a9178f3020a721de9185a173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:20:38 GMT
x-content-type-options
nosniff
age
60161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14927
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 18:01:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 27 Mar 2023 15:20:38 GMT
truncated
/ Frame 1962 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1962 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6323206d42f99fcd2deeeb2d0efdb0356bae21c0387468ebd8a5311e7a0f4053

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1962 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b98294db70cc50ca4fb25524ad10d5298b1a37064b6a94e6c49882869aee88bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 1962 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kolobok.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
465343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:47:37 GMT
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=d064867f-940f-4efe-bb4f-c03ea7d2f330
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 08:03:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=8D7C258F-60C0-4EF0-91FA-5F7201809734&requestId=75cec392-6e5f-4bdc-96da-cffda1d52f60&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MC4zOTY1NDA3NQ%3D%3D&asign=948965661&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=CB144D34-D363-431F-86CE-451164B136E1&crid=CB144D34-D363-431F-86CE-451164B136E1&size=300x250&profile=45056D06-9DF3-4A81-A8EC-EC764B4150DB&isopt=0&adv=Google&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
container.html
06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 08:03:19 GMT
expires
Tue, 28 Mar 2023 08:03:19 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=Zm5hNHp5a2tSeDBnQmMrd1FhcElRcmRQK2dzTTM5L2xGRS90ZC9kVXArTUFIWGpRTGlNN2tFeHJxcWp2N3dmeldCRXJxczBqbmRrWng5ZGJTVVZqOVFqbU42YnpsMmZ4UU95aHhzTDA4eGs5V0FLbmt5Sy85Q09DVnl3WFVUYjZmSXRIYW1lcVJvRzRncHNZSXdXUmlaL0toYVg4d0ZMV3U5MTlPd1NSRDNpZFJ0S3ltVzZvQVE4YVF5RWMybk9MOXhiMktTY2dBU01oU1c4VWVqVlYyRGxKcjlnNE5FSTJ4K1lOMEt2R2tSUTByckhaQ0VCY3p1S202dUoyVElEUg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40DF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBf1qx2tBYof8G4bz3wORhrmgBAAAAAA4AeAEAg&bg=!kJOlk9fNAAbzJazn0yU7ACkAdvg8WgDahGY0_H1XErwTL9MbFwrU6HKeXTD6lTUF7WCo8DTP2--HnwIAAADwUgAAAAJoAQeZAwxlHce63sYut_csD8yt2ms43W4S6KGpRiJwfME6PHXlQtev9rnX4eXYek7eIP2Lz1QPFS0jk8a2u14s9_yk3E9_5__gOpfgqELuRtliNDzFkEgNmm8ROqT_0cpLgAYtTdLeClnRagR4NwZXeSlX4BY278A5l6TRzT8Rnemk4dD6LsGYflCHVvQcmujZiK_tIjy9Cf8RDrty9FaXqSpJHVYhx000_PPj_dJLbp3y8uxIxfau8-G6ggH2QCLkQjLVZnelWtRftWtAjoM9Vvu_kowYPSLX-VL9UYNCicNDjxDuOHqBHd8j6Bg7h9qShcF4OgGsJlICwJjDXZq8E8lDUPw06VAD5dVvhIsQWCpjyS4IC7upIy0Oj2Ob05Hm5DpddpEJxEZmPbRleRABoHJk0x6cDjt0O8YPtWPmD3dJbuvBuhARsPEzYp3ru0SonsAMaEN7nQYZ6uQDRyDlIEQjooHayIAaPB9ZcNEGFJr3NxOfBG4qpicBd-g_OtcVhTer64zZaCHx2uB0r6iWWZpJi61ZvcuLdtLCCuFiYnDZrBYfuMoTVwsxD5ymtujJ1K_XIimR6m8BRifMuFLiMj9y_FPkoOanT1codUqNnCgH2HT3vYL1Vj97bxEWv9q_9w1tt3ifCN_CYVpWSty8slF_ssZ51n1LFqXnlGEhHlcwloMQJm3AJyUJlNahKTYHcR9E3zD8RkhacrZll3RXOi9XYKUQOp8IWKIoMHWvNRSWwg6calktVwrJxPD1n6wX4r9UpFNqcjeKWuUXvBM2zHkO1HGg4ISqoMGI7Z_N_N80eVrYxJ-_hzubodg02sWb7mbGWGAT_BG46rss4gemLpMqn8TQ_BSKFbrGA1Q926q322la2RAopbpuMCdd3xOBNxppbrU-hkwtSdhFIXxzXWcCtsgiTGHW5t7QkOWfjPOpo7GxL5K7v-Z3UmkNbEgX7CtVMV_taGXNP5lIoWseqlcO6c48Kq9Rq33dXo5Xy8ZVs8lJLlah6vq_oHDsMgwNkwi4YGml8NQ4VZ6-kyYrOyM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame E5DC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
css
fonts.googleapis.com/ Frame 707F 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 06:28:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Mar 2022 08:03:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Mar 2022 08:03:20 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 707F 		2 KB
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:54:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 707F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd85Ex2tBYqSFG5X33gPPjYXwApDm5sJg7oDM07QInYzp49MsEAEgm9yJImC7vq6D0AqgAePAq8cDyAEJqQKNYEMGJ22yPuACAKgDAcgDywSqBOoBT9CAAPgwrwO81fp0L9mggD3Zr6UTtKIDic8KBzvMWI-hBHL54infI-3a-5Rd9bsDBhC-9K566iuu-toQK0hungjf7Cofm97RWpGik_KSbY-rXiLgaTZSnfSYldoB0wqyEcDdqSoiVcP4YFgMtWc9r0_t6R4nr46UMwEbgRaHiUePd0sIWQOHc1eadxsbIkd0nOsQYRGQ6BqOhmaG12_XqQFzyjCnYRf9IqRT3KGtzVh59YtpIhN-m2BT0PDhf1CVhDZsq6VDMd0INf0zXsPEWBNwJ_Q7BroQrcZ9P-TWY50duLUM6aeN7AQcwATQpprGWeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfIzcUiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPKkC9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDM1NDMxNzQxMDgzMjgyNoAKA8gLAdgTC4gUCNAVAYAXAbIXHgocCAASFHB1Yi04MjQxMDQ5NDk3NjA4OTk3GPPxFg&sigh=hseUVQKF9Uw&uach_m=[UACH]&template_id=494
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 707F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:56:21 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 707F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:57:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 707F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:02:00 GMT
l
www.google.com/ads/measurement/ Frame 707F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfqeqewOClQehGOvPMOPMS9HxM7ClLHaBJBDMwCui8pmgBjn9foTfeVgvtZ5d6SXMNBJV6D2lV9141Os-r1xv5pXyMxw
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 707F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:20 GMT
c5c2d0ec538305d3144caccb9e9ba20c.js
www.gstatic.com/mysidia/ Frame 707F 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 11:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11812
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 03:00:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 11:21:33 GMT
truncated
/ Frame 91AE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7c7950903719bd7d78ab0b3bf82540906df67ee5299467760cf1cbec8e2d9ee

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
shopping
encrypted-tbn0.gstatic.com/ Frame 707F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQYV_HlC4wjyjMjW3ECIV7qv0_TbWLmkQLdUDvMHGrd7ULJFBg&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8885073b1c816b0886c528124415de46bfa2001f813fad7fce362a48c0480eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:36:44 GMT
x-content-type-options
nosniff
age
59196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11549
x-xss-protection
0
last-modified
Fri, 28 May 2021 10:47:32 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 27 Mar 2023 15:36:44 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 707F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSf5f8UhbnxCIXDGe8mdjJsYoyHsD7rTeUaO3N73dzQKNoC5q4&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1670128ce2ea97c9b27bfea3d4ff4b32860b52c511e86ee9b6da12fef008178a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:19:13 GMT
x-content-type-options
nosniff
age
6247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14183
x-xss-protection
0
last-modified
Sun, 30 May 2021 00:53:33 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 28 Mar 2023 06:19:13 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 707F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcREIW9A8jJ93rHZdvTRQh7Y2Y8kE-mMTzq5kuCXrz5e4IZhtSw&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76ac51651e6b439631d0334553b741f8ba256886d44a81b0d96f2ba75ab40182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 05:48:39 GMT
x-content-type-options
nosniff
age
8081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11067
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 03:07:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 28 Mar 2023 05:48:39 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 707F 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS1O7UFfOVHaMl043Dqwkcno4L4gA_cJZqwyN9i5C53PXwXQPfi&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41abdb8a85035bd21eede624da64161b5a961d29d8db5310b5a0a8a231360da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:54:15 GMT
x-content-type-options
nosniff
age
58145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12909
x-xss-protection
0
last-modified
Thu, 27 May 2021 09:45:40 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 27 Mar 2023 15:54:15 GMT
truncated
/ Frame 707F 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d1cde7dd6457ab3780699765fe535407e971c7037713d38374036f80a44db9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn2.gstatic.com/ Frame 707F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQwuj6DZYeLSNpjiqaYHW7gTxvjps_DMrRxZvJZKhaEEQvbWJ4&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66f3b05796975c8addcf53860d9e71dd5386ce62c9e0513bb65f23d7f6354298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 16:35:26 GMT
x-content-type-options
nosniff
age
487674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13890
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 05:39:26 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 22 Mar 2023 16:35:26 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 707F 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRYdLN6mq6cr4dhg1RDz0gW3YIYb2xHtta4bg7uF2UfpYP2M4w&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2759e3c54fce6f5bae550ec99586149fcdfca72d0e8824a24eb54a662325df59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 18:37:51 GMT
x-content-type-options
nosniff
age
48329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22933
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 03:26:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 27 Mar 2023 18:37:51 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 707F 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS5fuI76wT8ESufRZ0x_l86M0AN0btqOIe9tYJDPHj6sDLCzjY&usqp=CAI
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37255444d2c1095992d34bd7f61f5deda10715dc01a0fa96a874ef097c17c54e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:25:49 GMT
x-content-type-options
nosniff
age
2251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9661
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 03:05:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 28 Mar 2023 07:25:49 GMT
3529266222074279606
tpc.googlesyndication.com/simgad/ Frame 707F
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr49Ky6wEQmAEYmAEyCATzXPiQwwdV
  • https://tpc.googlesyndication.com/simgad/3529266222074279606
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3529266222074279606
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9670d1aa2ca52c822a9c53e16033e25b9451bd709f0b84da86a4074c0f13fb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 10:36:49 GMT
x-content-type-options
nosniff
age
249991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2578
x-xss-protection
0
last-modified
Tue, 07 Jan 2020 14:48:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Mar 2023 10:36:49 GMT

Redirect headers

date
Mon, 28 Mar 2022 03:37:49 GMT
x-content-type-options
nosniff
server
cafe
age
15931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/3529266222074279606
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 27 Apr 2022 03:37:49 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame E65B 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXjTX8yM0b4qJxO4Eka5enRHwMhK_OLIURmfri06Zdeb8TnKw8&d=CnkAoCZ_4ESKhsJyIOT_IqKo7aqE9Lhq724w_O6diULu6vzFI73l6sMRdReMmHdNNe6mLanJtct1nKM7sGHs5il8oP9eP6OHETYFnDd1QSAUrWkZHMROQbQWF2y37z96nuN_EbQy5HsNB6Nbu19d9tUpQO42MKBAYTLjEtkUAKAmf-CFnZ8887npFwQl-fABitJaBbvsUR2-TgpLPRv6gFPPZT_kV42dOH4qOo8zbvLkc3MkM5hAv2Qvt8s-ZXhGTM7L_PO3Agd7Vsx7vAQMtJU6NQbOkZEFPjYHesMa8oAklHXNEOV9PLaMVGzCKppyi9mtCtyLopDVEKmcvivfUXBhMI36HazAUT5z7P2FJ1-Hcl9t7Q3OFYs66ST3yYsx9fRE-vBzS-0WD_1SMVDKbnzXi2-L8gBCCSqAXNYvTnjCkCaCoUyOrM-exmZ-n8Tukl33zOJNxDXq9BmhLM1ozmXtcV85idFn-51FEqEO3_W1_VJPlnx--nvg9lzKOYEGyN9_xgkm0TLrnIvNDv0iqFjQXOalo8W_gc46lImgkjUjZRkESWc2uxbYR6wAu9Ra1Ona4toypCodJYf25r8fVXX2FFLhbC0CbGr_41o8OvHMBV_ys738JtqAyICtIB2VFnQDlxnCOD_X6ZJO-KE5cDLkzk2XYHv0idZoelMthopen39YKTakMmDwbYOn2CStr17ParSFcv36gdWumf5ntoncWKIOj67hIvLOIqsu-KfVJ7fdw8klGrGAPskjyuCB98R3HFtwxqGHms64agY5rtMekNNodXgG5x9jT_Om-aE9UcOPYhkFEVyYkpsaADwLaLtZwa3vUQm_J6xW5Fp583f0V4W37D7CI6naN-yKmC4BC4I48-O8fkZaaYHrDTEuA_iPILeqNnNn8Ti0Cxknr5l-7gXCrE-JE1TEMCUk-f2osMsntTrKjF8WYIDALA8taD7FrOwhngS22u6vajWBJZck8UoBIVfCsXPNEnikd0f4D7mhFGqQEc449BmquvEafQ9RjtYChxGz9nGCSnOisYSPESgseL32Z2Nh40qtuF4PVvfg11ifxBoe6dBuuEtZejnd4igrlKZo2Yzr2VP7iKKZvTQMCEUoG4lOag_pTTLG4A97bl0lDWW_KRyaxZGjxsYA8v0VwnaHRwf82pn_Rnof3bAKW3eSHJx4abb0vXbQChtIIlKV6Kg7V9mdPrm2JSFH3SVJq_RJJefAhP0b0-iU2Bd0hgN9frU_5djjcUzgI59U2LA3-3Uya8tyQimhOkSMH7E2ZId5iYmRl5Zgy-bWFDv1ZhZ_NcrOBBRMRDLlbJYuTISL5zBmaFk11MEsg2znDnLvt4Vqaxl7x38hh_OCXiJl4NuZ0GEnbGMCex6iUAC2RtoM27PItfC9yCyFrw4wwiCmQXo_cplmxTwB2xyZEuFr7eg6bxT4D1vZUH24_d0ZybKuJcdHmhndsbQz9fGjL0LGcLZEKvR1k3ZMoFlk-3Oay-RkLp6GlY-Tq2LjKf3HGjZYm6a2CJ4JK-0JOMqUoZebayr_fAgnKoHW-SAZ9cU64tLM0MI25v-z4tWWnkf3564ujAhqZZT6hINhzwfpMHruVBmD7tSqbYMxXV1dVs9RmMwvN7icObZNuZrAiDTtL8xanF_v9UwbrRaTnS2prGgdH5dtS4nXPfO298FNhwojTVJgcDZQoYq0YqG9wxTAKwH_hEqwFtYRebpqvtpljqvBW_kwSp_TzyIOvn9MTVm9pvI2Lo7SxGJAkzPjsxiPEULG1p6k6O7neaqieMyBq8wnV6O7PCWqMFA7Ys2OcMr-xdqejgNCgx1c7sSnq0lwcQEPWiNq4m76-LPBGPGuSR-WnxDVKu9NjTJ7CEAxkeZxp6LINSnAzCxujK4WiZsbcBlNidtv3aqtUUya7QTy1-OyQVB7BQDvdR5658IJMompQUgbSkZEnAGiVtS1iwljQJd8aUyM1KY5df3Emk-1h52GWAgn0jU2hjFx9mmUxb3fISlWYfZTHi7thl574JnINXVUabQM8Bx32Y44AIVz4gMvnJpNPBDHX4sJQMGLm5-6M8HcJrJDUsL5mz5JubQA3XjAaD5gT0lT0iRn8mbYX8P-5x8lftrQ9lUK50RrZ0bPRNwmkHrZbtkeJpmTjAfBNhcSHv-Sii4nvruvw2TAcn30H2m92avwSrYE-1N9UxulI2n_KWgtwbrc76avgNrDoKymHnBYP0vjOEDFpKoqqypeuS9C7eO93UE47mRTVOMBr7aMQju_ZwSqiQ-dkjKUoTej7uDuQx3qSGEcaq2HoLmu_9Q0J74xcq6Q3GSs-vjA5xt1TzUruhOMMZAq8XWVOjC-7HMfIJZ99SRv1HyZwqvKa9Nv5v9nc6S0HSuXeWf9xvvQBJ1VhBF23HEJZszwnzWGjv-x533KPvNXajZBzJKO4OplmQ7kvAe25sGGl9NMQ7x6JCU0Yk8bhS9vIsGf6Ggv7QIahtWpUxEe60GJmfbSBEyuLCSjjuJlQlq6NvfPSTq0q8yHai4hHEdqwxYL1dH70oiJr2sF0n7cuWP-MWhsKtAq5NRxhWN1rH9I572O1j2X0kZwr_ACWwwbFILk-8Wt-s743Kwoj2dmfyMdcbugi-tLW-c1Z0O6idR5Lw95zJkrYJsLY5L5PfUDOEOXsWepdINtSr1wQBMZmO52gFgAI4JBYbFjbeo1kt8SNSslwdkzAAMDfUMsu25nIOyH5Lj6n6EheDQO73pogM5LTc6avbD37aJ3068x5RVRMdLz2jlRPMHtjn49zrPMAS24ad8Fkxcf0-LeQY1Ktdxa9bQYt_FRdfVYYeMlLLE6fw5IzzE9sQ-FyC5SVdfOr1f2vBF4HA6EhQbCcliRhIT3CMRwzFY1R3UyCi_g1LCTMM_mIDkiYp20jXkg2XiGLZ6JhsDSJsZVw-NttoyHU6ufbrMaGSPQ-iQFmgGZUwh_OGzIJBDlm_mvBy4zMXM1UjsQJKR_CLHb_4xwxf5I5zGf6xzggg5MMVVwY0PkpvncZZ05ZBdcGTtGdbKp_UXFgj12G2UeD3xKi7ZFWrF3o329fhZQgZPCQTw4N3XgT6laWLW43jyItBRE2pzwsLgMQ2_ESBEM-4ajA60NyZlLKgY9Jt-yxdxZTM3wc5glUVkDMNx0iMo8UNvAvbfwi78Y8ag46wc78Z4NyXKCp7RxaaQzlmaSBqh65AclIJGWD19Dvwq-L_OaxaM7NAA6V_Sfg_szwLqbZG38XA34oL949pA1Xx6JDNlzLJUX6cQ7kzSjEeZ6IzrKGvxJ1bGd50ut4kKS9f0_j6uhN63bYqy7oYFGl-u_q2aLnew61NzzHT9PN5fKUIWTs-8kT4_2zUAdcFsX8L_cAwHpkO1F0Tk5jmfzXNvSnpeYbFRMT7BS2G0CJDliXaNBarzRCekkrpzR_bmwmLaZ75wL1ENchhSodUvn5Gt-qE8AHsVM07nb-RRAR_GC3bg5csx0GZaUhIh_YiEGfLt4GwrAuuC1W8HeKrUcd57azkW0J_YS3eCeB9CHAA8HqirmSmV03A8OXDsXS4W1y5d7_owSBnZyXsYsYe0ephRp0Wv2m9wRO2GnMuFkt8lVoqpm4acbr_eoBdoZLIzS4wXuEaySO7eUgB0_0ZO-KoVXDNtfUKHUbL_2DARjHH2TgFYBE1dSUSTAXuX15Jaw5Q-AGikIABIl5GhGqHBQ5aG5bBXbcC8TF1Ap-LeDSBk04Q8DkAs4GCChz-wJTmAB
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
cafe /
Resource Hash
153c86e787c97ab23ade5ed156587707054350cae4c3166b6c8ca5569f5bde15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23603
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.flashtalking.com/142462/3451559/ Frame B663 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142462/3451559/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/633/6331246/3451559/js/j-6331246-3451559.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
5e45c8880be524364a08d4579a9bdc5c67c5bff166478d7a93abcb977d3bc815

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Last-Modified
Thu, 13 May 2021 15:41:24 GMT
Content-Type
text/html
ETag
W/"c96ac225f50b813c7577a8d592262b98"
X-Varnish
12074088
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=1200
Expires
Mon, 28 Mar 2022 08:23:20 GMT
Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Length
3498
Connection
keep-alive
Server
Flashtalking (AKA)
moatad.js
z.moatads.com/allresponsemediaglobalftdisplay739160694092/ Frame 57D0 		299 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/allresponsemediaglobalftdisplay739160694092/moatad.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/633/6331246/3451559/js/j-6331246-3451559.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
99469201e9dbf15a407c751143dd1bf1b6fdc491b0dc8539cabb69b0034bd48b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:00:56 GMT
server
AmazonS3
x-amz-request-id
C606KPCN7A8S2THD
etag
"d5387431e231129a58e6af4cac5b94f9"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24440
accept-ranges
bytes
content-length
103540
x-amz-id-2
YKRG5/7dD1RA2JvPC+jEdUYrla5/F8uYCdgNlI+gmml4TtU3OGX2EvjrkyzlETRFK15Dj51C0Ik=
truncated
/ Frame 57D0 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 056A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhi859zEATAB&v=APEucNW-BOV69UX1j04gdq8CN3Sc8wEvlhopEgdR8KmRTTJpXIx0uCMudqFnd7zXKCWLa0fGiPBW_z8GhYUAjGrQ4gyPg3K7W5B0bQKzR31XFZoSpJ28Xbjklt-lR7MbiAJIEkVD2XZDxEwZmLwGqteZ9WbKnn7vPCXJDkqKQQZyO8PlTwYH5yg
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 28 Mar 2022 08:03:20 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 84AE 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjYTYUkDXsSQ8WFssj01VlRgTDJZOoD38g_filrxi61X1CTzPnAaf9vJx9UkfKjTxa13wgTfgLMyQFUkwi3z1EDHjmHw&cry=1&dbm_d=AKAmf-CxmxRUD3A8xJYS45eHXVyIL2OL3x4DzqwEqvKbRIbWRSP8Uiu0Gp9ZFrh5Lc9oynK8HttCsBFRwQ1U_zdi_MbkI8IbUbGx8yMvy7WmTif9stY2N_QHhnTyMawUuJqMT2ZV2x0RlZx3lP8a14QOKvID33c0TNCM3O9wbso00crzhRPBbp5RReog52C7fF1k-yVRWj6gTjj6nLlQkq315Y8Bx4hcI3iAWv48SQcUoHJvPdpFMiompjqyUoIFdXqtcEqTvlzHuKdRGWj-eJnIfn0irj1PLYoqxTVtJPBul7RIOSNe6Ba7Gp293pcLAexkf1DrL5yowXTJk5eUOSjKmpmiBNd2wnzo3_7YsXT-NctAL3LA45mSE-S4cOBk43mwzu4WshYqEKqtfr6_KyMlsoyCjG7K0NV-WnmUDzOa_bX3wWa2H-EmDNY07-Xt8C-_kNUV6qFrsw5UfkMub2mRkZUygy3tE1Rt9nA4M07ArQhEb4dIW2SWcF09-U5CiWd480fh3-RwTLX_dgeBI-ObmkcHsQ9ZWAYUv6gsyxzM5CJNTRiFkY0sKGcqBOVQit9JoPbfgH3gvHnUZA446Piu_QQWzhyY2NPWM204XoUfPrgQ4Xlt8qwSA01VFH7TXki_nNC-gyhzas3EKMqbLyjT4qMvHDcuvIaxaFOCYdL8IVWWL0p072AOXiobEEE3tZNzDm_ZYdjW40TJyS8SDivVJ97ZDbY81IU0k3_ZjS_tjLfJFRkFaSFnAA0awjm90FFPjhAPIHCg42Onf9zXRlEgId0Kg-H-yrULtfXisC9HihemPM3rvmd06TmxcNfsZZ9zcAlHqT2GOc8UxYNZWiLXvytkkpB9o0aCWE1iQBFHVETI418VtyDzoAU3DesuND6nJO-fwHZiX-_-nkhLZSyGUgE0ixzla6kruOHfFOx5vJ_tB-NpqJW07r8kHBx0SWKDGKCkPwVpLg1g7J6kQn8M6WItC93HX6rtIPOT_zVLK_BfuXqUMgSLFRPMxD2r7s-lvfQphoeEeGVP9y6gv3U8-0Dwvgn9DxEN6g8lrYQl06nJobIxIoqRmz9CXmy64yW2sj2zW5OG1e2rEsAt2GuzzjBy_UBO8PX4DjzMuimYK7Unucucx0PRx-o7YYn-uBLiu8xzbP18UPzq91eckZl_TMoA883n0fwa5wpYsfx6-ffo7fUyPZ9hYY8shQlUaeoDyzIO8zDviUxpHckfm9gDIhmixAntEObntHRxdSooimQ8p9MeMg6KsXSItqCDEhOiK0UWAJuKlCtENPTeUTZDvosuoA0uAIwnRP56v6uKP-2o3g39iaMi5Rq6HArYAyrTpiUZaAI8iHpRSaXQCAC6XVCEWBRjdTYHAPEBXxbiGfMa7uxR0ha-dzM2A8Xaz7--mUXCqhGeDc5Z7QXqP4P1AyywgUKb-E6kuSfAukqShc4Kxhi31Bdloys_bawcggSZ_Y-V9f31xtSMwpbPffcjk5w98cpj-D9DhraQ6SM60OlqDdWyAuG5ocEkunMHclU0n7aI_OriumxtvIoSJDZJJMiRLe0RikyTYp2VuGSkh3QN2YoT-2FJ4kFaBzObexqr-hUB_mUp511Lfh68gwoyqQnR8869cGrfXn8gm-gWQJcl6cc5Q-8qLc1mOwG1XUM-xkoO40iv1-VTGQ082Gi7tlUkU2L-qVUhk8gsHM5LKuyjiiX3KS8dfuh_QfHcN1nLC60AHQm1ABBXOIhEnjhUgu0j3kcfApgTuaiv4pAyJnMGXZ2oteqSl3HexbSa9kbdCeTHHnBiH3kWbGVGky1LEA_WZEt-JauA-ZxkCyDiiS-NIupR-F1CAMhR_rxnjf99IrBAua9fRYtEQiuHF2wx-dkTmYqe7vflRSGOqf6YvHCBfTZ9RxNIUhW4VkGKmr1PrXIEqtJI1HKB-P0-_d2ydafAB3yNFqcF7C3wsVQ9K5yPGdajdn7wzE0Q_iqXmlE91i8bfb3X1LT1_zfhpumBYMF2PMBq2OPupGlT_iv9Q-bnom8zj4AQeHnRpCW3kFlBuy_eCw9Zl7AFvR1Gmxmb7VRlRsJYoKRX79YddqPhh6aOc5DHBW-CuF9830oWhxEqaShhTnUzBiPhU8Ge92LcdS0JupFIZf3qH9-fZXGnOez-eFatNYghRCGkAQokBMeoCdv2oHpydNQLePnwjC0JItgzh9K1IvLLEG_rA8YKiyKCSPJYAtcMvZWXW1st_18Bz3lEjH8n61Pd4yt1c6gRiKl5mej--v72PXUv_Jnt0qEDT_1IUUqfcu68eRr05y2218VoXzQq9C2ZnqussGPfKssIgfkr8rcgHCPSbEMFmrFmT3uC0rMNxKp-R_eKwh6XMIfQR9ceNWWDhYENH5LeyXW4Z1cwXZuIhBmBlH1kPzfpFDIdXpMqdwib7rVnN2ztYPMRYYiqMlrgeRhPxvXbtIAeg4W895yL-SUDncEYmY1OWTkK99bTbGnh8Hfm_MOQzIgopwoXyf2QwpZT2xA7BLPnuawOzWDXJXHPoTWOIa7mDkHzv9qz6Hlt4Htsp5Lvz1bKfYhANYO8FapUg0od3L51XuUSsTtxF0hDzgXCwT8nBNf5SeWFUrF38U8m0aMSKmWHgTI7f2vzlztK_bdQqhiv6NOynYApULJ0szR78aFR9YElufJLYT9VuoRs-aO2zzdqPojFjf4ZA9sk-gIPNddZULO_BlVEZ4Rlou3Jf6UjQJaumCJX3kN6M1xwrdWO_abp7ZaW50FEglzX7F-dG9VccDtvn4EqZsR29cLHKY_J52yGMZYrBbo5BSzpJdVc50VIkybb6awiVVNt2bLN6TIST69m7b0EKQOshVZaQaYY_BYYD_ljTETtRC4_-ilROx89She8tXDgrXeOXVRaplXRzUzPxsv48Ndpl0gXADT7De1oXvDRRQwaNZwl-T6X3QfNpaej-wL9EDpzI1cnhXKe8rbiN55M7wsv_u23oPFu1rEm4pVUre0SuEbY8531nNHOdsOFmG7PzXh_1MAxuyDWEsTdT-FYmoxbkOAh6paiiT6jHFNa93ojq5GxGk7ZuKm4P6G55WiS3qrRluyg9cWNGznhq0GBIB6Q-wGeJKfFGWaOEf8GhPHNVNYnC4DLSTeBocNBQlul4Jo79yE29KmdM0hgOSkNqi5944vKBpHsg44xHNI&cid=CAASJeRoW5YFG_FskDkryP0ieBJYRZoCCuLTV6tFknSNwg2gdXaZMzI&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6ec7220aad688109e46781f01ed309eacb3d146142908a9d625ae46769574cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32989
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cw9UYDJN0xLJivI-IYlvReZe0YkXGT3w6dk7uP3KLLBb3q9YeLmdbXay8pN1ki9dGMWgQOcjy64UtFmS-77wHdj-pmiBlS0n6pgDX-4dMpOwU1OIs
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 84AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:57:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84AE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 84AE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:02:00 GMT
l
www.google.com/ads/measurement/ Frame 84AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHWiKm9u-qn0XrUZv1uCvPEM-r0rudqM1JNwE6OdrSxpY8uREYIYuvUlIw37rrLpSc8anZ2eTJeZVljVmZzoPpxd6cSw
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
current
dclk-match.dotomi.com/match/bounce/ Frame EAD4 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBZvnVZAkEuJuq3xhmaTebI&google_cver=1&google_push=AYg5qPKB_9T7SOSgSn4XNy16FNZ9TZaZoLfSTySudAeAGyfvydgsWoNG_RBrvriAzvZ77UMy2d0N8KsbjpuIohHZpv6cCYk9hYXh
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame EAD4
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHSqLI1qlu9U5XrCwDlSfDY&google_cver=1&google_push=AYg5qPLc1RJHZa6FmWfPmWsj29nCxBILbxckmNH_JHYdF4QWjqfKVrhw20f-yOfVwDTduFkEemYLt8X--zc...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLc1RJHZa6FmWfPmWsj29nCxBILbxckmNH_JHYdF4QWjqfKVrhw20f-yOfVwDTduFkEemYLt8X--zcVxXHJthbmvxsQx_E&google_hm=BpTvxlORSc2yAuatKZEl4mk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLc1RJHZa6FmWfPmWsj29nCxBILbxckmNH_JHYdF4QWjqfKVrhw20f-yOfVwDTduFkEemYLt8X--zcVxXHJthbmvxsQx_E&google_hm=BpTvxlORSc2yAuatKZEl4mk
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLc1RJHZa6FmWfPmWsj29nCxBILbxckmNH_JHYdF4QWjqfKVrhw20f-yOfVwDTduFkEemYLt8X--zcVxXHJthbmvxsQx_E&google_hm=BpTvxlORSc2yAuatKZEl4mk
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EAD4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAHkCS8thZQJ6Kp4XOZsQrY&google_cver=1&google_push=AYg5qPJjXcCH2AleezJp4d09kKeWz1BKgIQeD84AsX8zFSedgp9HxKmd9u7QJpJN3xFPOGpmBt2dfy1mOZnBo9De0xkM...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3468d64f-61d5-4ddf-8516-2962975f7231&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjXcCH2AleezJp4d09kKeWz1BKgIQeD84AsX8zFSedgp9HxKmd9u7QJpJN3xFPOGpmBt2dfy1mOZnBo9De0xkMj0S8y2Ds&google_hm=rOn8PFdjTeCxMI5-PRJNZQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjXcCH2AleezJp4d09kKeWz1BKgIQeD84AsX8zFSedgp9HxKmd9u7QJpJN3xFPOGpmBt2dfy1mOZnBo9De0xkMj0S8y2Ds&google_hm=rOn8PFdjTeCxMI5-PRJNZQ==
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjXcCH2AleezJp4d09kKeWz1BKgIQeD84AsX8zFSedgp9HxKmd9u7QJpJN3xFPOGpmBt2dfy1mOZnBo9De0xkMj0S8y2Ds&google_hm=rOn8PFdjTeCxMI5-PRJNZQ==
Date
Mon, 28 Mar 2022 08:03:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame EAD4 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEH1fxnsoV8N3oadaLm0BfOc&google_cver=1&google_push=AYg5qPJ69z8LbNCuiqwy1WsUgWBPVG97i9RCpSFeBCpvt8HhUMClfNwR7tLNwjYW-z9Z7S3PrTY746g5sv-3dRd4s7BS7yMnc7IB
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:03:20 GMT
pixel
cm.g.doubleclick.net/ Frame EAD4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEANaU7-GUTlopNmmAzNLgkg&google_cver=1&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQyNTc3NjY3MDM3NDk0MjI2MTU0&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQyNTc3NjY3MDM3NDk0MjI2MTU0&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQyNTc3NjY3MDM3NDk0MjI2MTU0&google_push=AYg5qPJ5DXITk4KeuA6i8Exoz0P26B0gIydMfbF1L1tWFl2sdxa6BN7dnNqM6dVrlaMa_F0kkheogP9djO-HPESnS_abvjwg7v5d
date
Mon, 28 Mar 2022 08:03:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame EAD4 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJ8kRkotkaq4tQYQuaxg_5c&google_cver=1&google_push=AYg5qPJms-QL6iEWpqCxHfX4kHJBXxCrd9uZaXule4nIt4ekWabC23OAUlHzsOeXfzPaJDDxAjDpsfCfTU_NMBHL3XFJFfbciST_
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame EAD4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPlEH8X6eSJsmo2AgTNxsu8&google_cver=1&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2u...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPlEH8X6eSJsmo2AgTNxsu8&google_cver=1&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2u...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Ic1owQWM1RTJ1R2IyNFRzdlJwOTR4R0tURXE0ZnJfdX5B&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Ic1owQWM1RTJ1R2IyNFRzdlJwOTR4R0tURXE0ZnJfdX5B&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2uOvH_MqDAjDG-BCgCM5T_1EHOVGoA
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Ic1owQWM1RTJ1R2IyNFRzdlJwOTR4R0tURXE0ZnJfdX5B&google_push=AYg5qPJnokrtCr1h8Y11fETyYDFvaA3fOfeQ7I9GStHbB3_0RDClHeUZ5T3wPjSW_eCwoSsp2uOvH_MqDAjDG-BCgCM5T_1EHOVGoA
date
Mon, 28 Mar 2022 08:03:20 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame EAD4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNufZAeB9hodCR6cCKBpR6aPn-vAKgkwgYAw1FYqI7b-UHQEQpd0YDZDCcEQToJQZIS42t9g
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 177C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
7776
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 57D0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3967ec954a88fae02b3de7c11a9575c1447bccd09b17bbd4e53817eba55f9a1c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame BFE1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 08:03:20 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame BFE1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 08:03:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BFE1 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 23 Mar 2023 08:03:20 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame BFE1 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 23 Mar 2023 08:03:20 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame BFE1 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=cQaKUYLXQN2iC1iZSbk1fdbvTqzdc2CEArXLeDDMk-rH6ffQGIaRqvELGm-zK5N2K3vv2cRS2HWrVU0u2_jfl2bQUo2r-Ay5IjCuDtti-gPeolwHGD_EHBkeU4qbv1GmzqO9aKBe1p3vdafJ-i-TgAAKLB5pkxMotIJo1gzlG6WsioGewbClpgWkUgyE24QUxX7GPbcluOBy-haLw-BQu2TzawSxMY6x9tVTUxxTJLoL5sct1LasxP3OTO2wjPlcDpAu2gwUZaU31KBBALoZRfzPe9_WxrYYEQUCX0OR11ReQeoLsDy4wBSQ8biJewZ0aQgANaarvkV3onclk2qJRR5pi4tHPQ3YeN115iByK-E2AZ4D-FpEPOzmr31duWZnAVKM3xGuAX4vRt3JUdS-CFw4qYvqYRDRQskkZS1uBSvVZ5th6OsBZIF5qj6BUB5bFtd3ZQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2837867
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FD82 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
7776
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
createjs-2015.11.26.min.js
cdn.flashtalking.com/frameworks/js/createjs/ Frame B663 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/createjs/createjs-2015.11.26.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142462/3451559/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142462/3451559/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Feb 2016 19:43:04 GMT
Server
Flashtalking (AKA)
ETag
W/"54e1c3722102182bb133912ad4442e19"
Vary
Accept-Encoding
X-Varnish
399127846 393952857
Cache-Control
max-age=23935
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Mon, 28 Mar 2022 14:42:15 GMT
index.js
cdn.flashtalking.com/142462/3451559/ Frame B663 		93 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142462/3451559/index.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142462/3451559/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
41985069fb1903b163781e9ea2f6f699085b876fc94f530dbb3155951ad250b2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142462/3451559/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
20178
Last-Modified
Thu, 13 May 2021 15:41:24 GMT
Server
Flashtalking (AKA)
ETag
W/"086e87021a138f085ed988bdbfe2b288"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
661923975 661574952
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Mon, 28 Mar 2022 08:23:20 GMT
rum
dsum-sec.casalemedia.com/ Frame 056A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhi859zEATAB&v=APEucNW-BOV69UX1j04gdq8CN3Sc8wEvlhopEgdR8KmRTTJpXIx0uCMudqFnd7zXKCWLa0fGiPBW_z8GhYUAjGrQ4gyPg3K7W5B0bQKzR31XFZoSpJ28Xbjklt-lR7MbiAJIEkVD2XZDxEwZmLwGqteZ9WbKnn7vPCXJDkqKQQZyO8PlTwYH5yg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 08:03:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 056A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkFrxxCBWadtG-rjpQt6mQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhi859zEATAB&v=APEucNW-BOV69UX1j04gdq8CN3Sc8wEvlhopEgdR8KmRTTJpXIx0uCMudqFnd7zXKCWLa0fGiPBW_z8GhYUAjGrQ4gyPg3K7W5B0bQKzR31XFZoSpJ28Xbjklt-lR7MbiAJIEkVD2XZDxEwZmLwGqteZ9WbKnn7vPCXJDkqKQQZyO8PlTwYH5yg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 08:03:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGmpSfejzz0h0kQcgekDZQk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 056A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDbn-_30JF77sIk6Cn6ltWU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDbn-_30JF77sIk6Cn6ltWU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhi859zEATAB&v=APEucNW-BOV69UX1j04gdq8CN3Sc8wEvlhopEgdR8KmRTTJpXIx0uCMudqFnd7zXKCWLa0fGiPBW_z8GhYUAjGrQ4gyPg3K7W5B0bQKzR31XFZoSpJ28Xbjklt-lR7MbiAJIEkVD2XZDxEwZmLwGqteZ9WbKnn7vPCXJDkqKQQZyO8PlTwYH5yg
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3cc9b6d5-2d86-44d4-b272-e5b177b31c8b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDbn-_30JF77sIk6Cn6ltWU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 056A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhi859zEATAB&v=APEucNW-BOV69UX1j04gdq8CN3Sc8wEvlhopEgdR8KmRTTJpXIx0uCMudqFnd7zXKCWLa0fGiPBW_z8GhYUAjGrQ4gyPg3K7W5B0bQKzR31XFZoSpJ28Xbjklt-lR7MbiAJIEkVD2XZDxEwZmLwGqteZ9WbKnn7vPCXJDkqKQQZyO8PlTwYH5yg
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
X-Proxy-Origin
5.187.21.105; 5.187.21.105; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f13cbe86-6bfb-4aeb-b6b8-8ff3fac3a57c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMzQ3NDkxMDM2NjM4MDI2NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 707F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b380319d74805803ebbff678c954946284658339e7b02044dca909e59d84d763

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 84AE 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
Origin
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 14:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 14:41:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 84AE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjYTYUkDXsSQ8WFssj01VlRgTDJZOoD38g_filrxi61X1CTzPnAaf9vJx9UkfKjTxa13wgTfgLMyQFUkwi3z1EDHjmHw&cry=1&dbm_d=AKAmf-CxmxRUD3A8xJYS45eHXVyIL2OL3x4DzqwEqvKbRIbWRSP8Uiu0Gp9ZFrh5Lc9oynK8HttCsBFRwQ1U_zdi_MbkI8IbUbGx8yMvy7WmTif9stY2N_QHhnTyMawUuJqMT2ZV2x0RlZx3lP8a14QOKvID33c0TNCM3O9wbso00crzhRPBbp5RReog52C7fF1k-yVRWj6gTjj6nLlQkq315Y8Bx4hcI3iAWv48SQcUoHJvPdpFMiompjqyUoIFdXqtcEqTvlzHuKdRGWj-eJnIfn0irj1PLYoqxTVtJPBul7RIOSNe6Ba7Gp293pcLAexkf1DrL5yowXTJk5eUOSjKmpmiBNd2wnzo3_7YsXT-NctAL3LA45mSE-S4cOBk43mwzu4WshYqEKqtfr6_KyMlsoyCjG7K0NV-WnmUDzOa_bX3wWa2H-EmDNY07-Xt8C-_kNUV6qFrsw5UfkMub2mRkZUygy3tE1Rt9nA4M07ArQhEb4dIW2SWcF09-U5CiWd480fh3-RwTLX_dgeBI-ObmkcHsQ9ZWAYUv6gsyxzM5CJNTRiFkY0sKGcqBOVQit9JoPbfgH3gvHnUZA446Piu_QQWzhyY2NPWM204XoUfPrgQ4Xlt8qwSA01VFH7TXki_nNC-gyhzas3EKMqbLyjT4qMvHDcuvIaxaFOCYdL8IVWWL0p072AOXiobEEE3tZNzDm_ZYdjW40TJyS8SDivVJ97ZDbY81IU0k3_ZjS_tjLfJFRkFaSFnAA0awjm90FFPjhAPIHCg42Onf9zXRlEgId0Kg-H-yrULtfXisC9HihemPM3rvmd06TmxcNfsZZ9zcAlHqT2GOc8UxYNZWiLXvytkkpB9o0aCWE1iQBFHVETI418VtyDzoAU3DesuND6nJO-fwHZiX-_-nkhLZSyGUgE0ixzla6kruOHfFOx5vJ_tB-NpqJW07r8kHBx0SWKDGKCkPwVpLg1g7J6kQn8M6WItC93HX6rtIPOT_zVLK_BfuXqUMgSLFRPMxD2r7s-lvfQphoeEeGVP9y6gv3U8-0Dwvgn9DxEN6g8lrYQl06nJobIxIoqRmz9CXmy64yW2sj2zW5OG1e2rEsAt2GuzzjBy_UBO8PX4DjzMuimYK7Unucucx0PRx-o7YYn-uBLiu8xzbP18UPzq91eckZl_TMoA883n0fwa5wpYsfx6-ffo7fUyPZ9hYY8shQlUaeoDyzIO8zDviUxpHckfm9gDIhmixAntEObntHRxdSooimQ8p9MeMg6KsXSItqCDEhOiK0UWAJuKlCtENPTeUTZDvosuoA0uAIwnRP56v6uKP-2o3g39iaMi5Rq6HArYAyrTpiUZaAI8iHpRSaXQCAC6XVCEWBRjdTYHAPEBXxbiGfMa7uxR0ha-dzM2A8Xaz7--mUXCqhGeDc5Z7QXqP4P1AyywgUKb-E6kuSfAukqShc4Kxhi31Bdloys_bawcggSZ_Y-V9f31xtSMwpbPffcjk5w98cpj-D9DhraQ6SM60OlqDdWyAuG5ocEkunMHclU0n7aI_OriumxtvIoSJDZJJMiRLe0RikyTYp2VuGSkh3QN2YoT-2FJ4kFaBzObexqr-hUB_mUp511Lfh68gwoyqQnR8869cGrfXn8gm-gWQJcl6cc5Q-8qLc1mOwG1XUM-xkoO40iv1-VTGQ082Gi7tlUkU2L-qVUhk8gsHM5LKuyjiiX3KS8dfuh_QfHcN1nLC60AHQm1ABBXOIhEnjhUgu0j3kcfApgTuaiv4pAyJnMGXZ2oteqSl3HexbSa9kbdCeTHHnBiH3kWbGVGky1LEA_WZEt-JauA-ZxkCyDiiS-NIupR-F1CAMhR_rxnjf99IrBAua9fRYtEQiuHF2wx-dkTmYqe7vflRSGOqf6YvHCBfTZ9RxNIUhW4VkGKmr1PrXIEqtJI1HKB-P0-_d2ydafAB3yNFqcF7C3wsVQ9K5yPGdajdn7wzE0Q_iqXmlE91i8bfb3X1LT1_zfhpumBYMF2PMBq2OPupGlT_iv9Q-bnom8zj4AQeHnRpCW3kFlBuy_eCw9Zl7AFvR1Gmxmb7VRlRsJYoKRX79YddqPhh6aOc5DHBW-CuF9830oWhxEqaShhTnUzBiPhU8Ge92LcdS0JupFIZf3qH9-fZXGnOez-eFatNYghRCGkAQokBMeoCdv2oHpydNQLePnwjC0JItgzh9K1IvLLEG_rA8YKiyKCSPJYAtcMvZWXW1st_18Bz3lEjH8n61Pd4yt1c6gRiKl5mej--v72PXUv_Jnt0qEDT_1IUUqfcu68eRr05y2218VoXzQq9C2ZnqussGPfKssIgfkr8rcgHCPSbEMFmrFmT3uC0rMNxKp-R_eKwh6XMIfQR9ceNWWDhYENH5LeyXW4Z1cwXZuIhBmBlH1kPzfpFDIdXpMqdwib7rVnN2ztYPMRYYiqMlrgeRhPxvXbtIAeg4W895yL-SUDncEYmY1OWTkK99bTbGnh8Hfm_MOQzIgopwoXyf2QwpZT2xA7BLPnuawOzWDXJXHPoTWOIa7mDkHzv9qz6Hlt4Htsp5Lvz1bKfYhANYO8FapUg0od3L51XuUSsTtxF0hDzgXCwT8nBNf5SeWFUrF38U8m0aMSKmWHgTI7f2vzlztK_bdQqhiv6NOynYApULJ0szR78aFR9YElufJLYT9VuoRs-aO2zzdqPojFjf4ZA9sk-gIPNddZULO_BlVEZ4Rlou3Jf6UjQJaumCJX3kN6M1xwrdWO_abp7ZaW50FEglzX7F-dG9VccDtvn4EqZsR29cLHKY_J52yGMZYrBbo5BSzpJdVc50VIkybb6awiVVNt2bLN6TIST69m7b0EKQOshVZaQaYY_BYYD_ljTETtRC4_-ilROx89She8tXDgrXeOXVRaplXRzUzPxsv48Ndpl0gXADT7De1oXvDRRQwaNZwl-T6X3QfNpaej-wL9EDpzI1cnhXKe8rbiN55M7wsv_u23oPFu1rEm4pVUre0SuEbY8531nNHOdsOFmG7PzXh_1MAxuyDWEsTdT-FYmoxbkOAh6paiiT6jHFNa93ojq5GxGk7ZuKm4P6G55WiS3qrRluyg9cWNGznhq0GBIB6Q-wGeJKfFGWaOEf8GhPHNVNYnC4DLSTeBocNBQlul4Jo79yE29KmdM0hgOSkNqi5944vKBpHsg44xHNI&cid=CAASJeRoW5YFG_FskDkryP0ieBJYRZoCCuLTV6tFknSNwg2gdXaZMzI&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:00:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 84AE 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjYTYUkDXsSQ8WFssj01VlRgTDJZOoD38g_filrxi61X1CTzPnAaf9vJx9UkfKjTxa13wgTfgLMyQFUkwi3z1EDHjmHw&cry=1&dbm_d=AKAmf-CxmxRUD3A8xJYS45eHXVyIL2OL3x4DzqwEqvKbRIbWRSP8Uiu0Gp9ZFrh5Lc9oynK8HttCsBFRwQ1U_zdi_MbkI8IbUbGx8yMvy7WmTif9stY2N_QHhnTyMawUuJqMT2ZV2x0RlZx3lP8a14QOKvID33c0TNCM3O9wbso00crzhRPBbp5RReog52C7fF1k-yVRWj6gTjj6nLlQkq315Y8Bx4hcI3iAWv48SQcUoHJvPdpFMiompjqyUoIFdXqtcEqTvlzHuKdRGWj-eJnIfn0irj1PLYoqxTVtJPBul7RIOSNe6Ba7Gp293pcLAexkf1DrL5yowXTJk5eUOSjKmpmiBNd2wnzo3_7YsXT-NctAL3LA45mSE-S4cOBk43mwzu4WshYqEKqtfr6_KyMlsoyCjG7K0NV-WnmUDzOa_bX3wWa2H-EmDNY07-Xt8C-_kNUV6qFrsw5UfkMub2mRkZUygy3tE1Rt9nA4M07ArQhEb4dIW2SWcF09-U5CiWd480fh3-RwTLX_dgeBI-ObmkcHsQ9ZWAYUv6gsyxzM5CJNTRiFkY0sKGcqBOVQit9JoPbfgH3gvHnUZA446Piu_QQWzhyY2NPWM204XoUfPrgQ4Xlt8qwSA01VFH7TXki_nNC-gyhzas3EKMqbLyjT4qMvHDcuvIaxaFOCYdL8IVWWL0p072AOXiobEEE3tZNzDm_ZYdjW40TJyS8SDivVJ97ZDbY81IU0k3_ZjS_tjLfJFRkFaSFnAA0awjm90FFPjhAPIHCg42Onf9zXRlEgId0Kg-H-yrULtfXisC9HihemPM3rvmd06TmxcNfsZZ9zcAlHqT2GOc8UxYNZWiLXvytkkpB9o0aCWE1iQBFHVETI418VtyDzoAU3DesuND6nJO-fwHZiX-_-nkhLZSyGUgE0ixzla6kruOHfFOx5vJ_tB-NpqJW07r8kHBx0SWKDGKCkPwVpLg1g7J6kQn8M6WItC93HX6rtIPOT_zVLK_BfuXqUMgSLFRPMxD2r7s-lvfQphoeEeGVP9y6gv3U8-0Dwvgn9DxEN6g8lrYQl06nJobIxIoqRmz9CXmy64yW2sj2zW5OG1e2rEsAt2GuzzjBy_UBO8PX4DjzMuimYK7Unucucx0PRx-o7YYn-uBLiu8xzbP18UPzq91eckZl_TMoA883n0fwa5wpYsfx6-ffo7fUyPZ9hYY8shQlUaeoDyzIO8zDviUxpHckfm9gDIhmixAntEObntHRxdSooimQ8p9MeMg6KsXSItqCDEhOiK0UWAJuKlCtENPTeUTZDvosuoA0uAIwnRP56v6uKP-2o3g39iaMi5Rq6HArYAyrTpiUZaAI8iHpRSaXQCAC6XVCEWBRjdTYHAPEBXxbiGfMa7uxR0ha-dzM2A8Xaz7--mUXCqhGeDc5Z7QXqP4P1AyywgUKb-E6kuSfAukqShc4Kxhi31Bdloys_bawcggSZ_Y-V9f31xtSMwpbPffcjk5w98cpj-D9DhraQ6SM60OlqDdWyAuG5ocEkunMHclU0n7aI_OriumxtvIoSJDZJJMiRLe0RikyTYp2VuGSkh3QN2YoT-2FJ4kFaBzObexqr-hUB_mUp511Lfh68gwoyqQnR8869cGrfXn8gm-gWQJcl6cc5Q-8qLc1mOwG1XUM-xkoO40iv1-VTGQ082Gi7tlUkU2L-qVUhk8gsHM5LKuyjiiX3KS8dfuh_QfHcN1nLC60AHQm1ABBXOIhEnjhUgu0j3kcfApgTuaiv4pAyJnMGXZ2oteqSl3HexbSa9kbdCeTHHnBiH3kWbGVGky1LEA_WZEt-JauA-ZxkCyDiiS-NIupR-F1CAMhR_rxnjf99IrBAua9fRYtEQiuHF2wx-dkTmYqe7vflRSGOqf6YvHCBfTZ9RxNIUhW4VkGKmr1PrXIEqtJI1HKB-P0-_d2ydafAB3yNFqcF7C3wsVQ9K5yPGdajdn7wzE0Q_iqXmlE91i8bfb3X1LT1_zfhpumBYMF2PMBq2OPupGlT_iv9Q-bnom8zj4AQeHnRpCW3kFlBuy_eCw9Zl7AFvR1Gmxmb7VRlRsJYoKRX79YddqPhh6aOc5DHBW-CuF9830oWhxEqaShhTnUzBiPhU8Ge92LcdS0JupFIZf3qH9-fZXGnOez-eFatNYghRCGkAQokBMeoCdv2oHpydNQLePnwjC0JItgzh9K1IvLLEG_rA8YKiyKCSPJYAtcMvZWXW1st_18Bz3lEjH8n61Pd4yt1c6gRiKl5mej--v72PXUv_Jnt0qEDT_1IUUqfcu68eRr05y2218VoXzQq9C2ZnqussGPfKssIgfkr8rcgHCPSbEMFmrFmT3uC0rMNxKp-R_eKwh6XMIfQR9ceNWWDhYENH5LeyXW4Z1cwXZuIhBmBlH1kPzfpFDIdXpMqdwib7rVnN2ztYPMRYYiqMlrgeRhPxvXbtIAeg4W895yL-SUDncEYmY1OWTkK99bTbGnh8Hfm_MOQzIgopwoXyf2QwpZT2xA7BLPnuawOzWDXJXHPoTWOIa7mDkHzv9qz6Hlt4Htsp5Lvz1bKfYhANYO8FapUg0od3L51XuUSsTtxF0hDzgXCwT8nBNf5SeWFUrF38U8m0aMSKmWHgTI7f2vzlztK_bdQqhiv6NOynYApULJ0szR78aFR9YElufJLYT9VuoRs-aO2zzdqPojFjf4ZA9sk-gIPNddZULO_BlVEZ4Rlou3Jf6UjQJaumCJX3kN6M1xwrdWO_abp7ZaW50FEglzX7F-dG9VccDtvn4EqZsR29cLHKY_J52yGMZYrBbo5BSzpJdVc50VIkybb6awiVVNt2bLN6TIST69m7b0EKQOshVZaQaYY_BYYD_ljTETtRC4_-ilROx89She8tXDgrXeOXVRaplXRzUzPxsv48Ndpl0gXADT7De1oXvDRRQwaNZwl-T6X3QfNpaej-wL9EDpzI1cnhXKe8rbiN55M7wsv_u23oPFu1rEm4pVUre0SuEbY8531nNHOdsOFmG7PzXh_1MAxuyDWEsTdT-FYmoxbkOAh6paiiT6jHFNa93ojq5GxGk7ZuKm4P6G55WiS3qrRluyg9cWNGznhq0GBIB6Q-wGeJKfFGWaOEf8GhPHNVNYnC4DLSTeBocNBQlul4Jo79yE29KmdM0hgOSkNqi5944vKBpHsg44xHNI&cid=CAASJeRoW5YFG_FskDkryP0ieBJYRZoCCuLTV6tFknSNwg2gdXaZMzI&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:59:35 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 707F 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:31:22 GMT
x-content-type-options
nosniff
age
390718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:31:22 GMT
dpixel
cms.quantserve.com/ Frame 177C 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEP1V6QZhJxCVysdqOqOW5Y&google_cver=1&google_push=AYg5qPLHZjsm54GuZvJT1S2soiqnVUjN5DQzZgKbi38StFvlYab78GhUY_JkNGTJ8Z44evXILJrxz2_EAHAC5TCHxlCswaM-ArA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 177C
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMfhT3Dwm5r2A5XIcLWM1kk&google_cver=1&google_push=AYg5qPJAXBqepPfNQW7TxjliF_O6QeAUMNE3T4XKOwcdqojOAzfqxE4JGut5XVOOwqzPpsHcVALtO3_rrgfbvustCUw-ms1Tokw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJAXBqepPfNQW7TxjliF_O6QeAUMNE3T4XKOwcdqojOAzfqxE4JGut5XVOOwqzPpsHcVALtO3_rrgfbvustCUw-ms1Tokw&google_hm=Q0FFU0VNZmhUM0R3bTVyMk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJAXBqepPfNQW7TxjliF_O6QeAUMNE3T4XKOwcdqojOAzfqxE4JGut5XVOOwqzPpsHcVALtO3_rrgfbvustCUw-ms1Tokw&google_hm=Q0FFU0VNZmhUM0R3bTVyMkE1WEljTFdNMWtr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJAXBqepPfNQW7TxjliF_O6QeAUMNE3T4XKOwcdqojOAzfqxE4JGut5XVOOwqzPpsHcVALtO3_rrgfbvustCUw-ms1Tokw&google_hm=Q0FFU0VNZmhUM0R3bTVyMkE1WEljTFdNMWtr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 177C 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGPx12niP3QmxfH7IMblp8o&google_push=AYg5qPJuIn3D6M2egFBbfqr_8Mlm9RAlaNqxuE0USbHTfqoHIHpo9VLfWPAQi0dr8GZjyB2y6gaBdzM96vgxlWRkjuHrN-OJfF4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 177C 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO3VhqC5VhCeAKMhOmesWRE&google_cver=1&google_push=AYg5qPLfFkflz3vKszUlX_Pdjah7rPFe7zhRUZTXN7gNIS19SBZBLU78asBVpIQE_wNV4lznDzKgLn5XFXcc_CjovO1zOm785A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mul4vc7ohoan4v38h0t1id9amhoav51b
pixel
cm.g.doubleclick.net/ Frame 177C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rq_eKuD9TxKWucYOfbDsFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rq_eKuD9TxKWucYOfbDsFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIi9pOTSTXkIrXvAqLQ7BHlen0heNuF7TdgLAThxwNoivDYyVh2cX2jrzF8Ao_sdggBoC-zQz-lW7QGO-f-2g-st53SZw
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rq_eKuD9TxKWucYOfbDsFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIi9pOTSTXkIrXvAqLQ7BHlen0heNuF7TdgLAThxwNoivDYyVh2cX2jrzF8Ao_sdggBoC-zQz-lW7QGO-f-2g-st53SZw
date
Mon, 28 Mar 2022 08:03:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 177C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMNzSTojm09mJxjQjIP2nzw&google_cver=1&google_push=AYg5qPK3MKYbHOJ6IKmeKIuQmteGaY3rdRTm18IbUrS57ssXESghcERG43unDW5BSnFM7OMuUCX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyOTUtMVgtRUJZNQ==&google_push=AYg5qPK3MKYbHOJ6IKmeKIuQmteGaY3rdRTm18IbUrS57ssXESghcERG43unDW5BSnFM7OMuUCXsrYhgedT1t9s-AbwFCoKAVjE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyOTUtMVgtRUJZNQ==&google_push=AYg5qPK3MKYbHOJ6IKmeKIuQmteGaY3rdRTm18IbUrS57ssXESghcERG43unDW5BSnFM7OMuUCXsrYhgedT1t9s-AbwFCoKAVjE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyOTUtMVgtRUJZNQ==&google_push=AYg5qPK3MKYbHOJ6IKmeKIuQmteGaY3rdRTm18IbUrS57ssXESghcERG43unDW5BSnFM7OMuUCXsrYhgedT1t9s-AbwFCoKAVjE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 177C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9z...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 177C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lx4SkkEXDV2ItPTzFAw32C1JyAEHIGxpsRFqsrZxrqregJDeCrRI95z2XyTblAhFFbF9F8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame BFE1 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 08:03:20 GMT
3ccc924d10a34d4c9e6c446251bfcd64_cta_m.png
static.criteo.net/design/dt/7273/150707/ Frame BFE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/7273/150707/3ccc924d10a34d4c9e6c446251bfcd64_cta_m.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2defc23fcfd1db173c1afa8ad16bc156469e6d116a566e5202b521eacd1e6264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Tue, 07 Jul 2015 09:28:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"559b9bab-8e8"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2280
expires
Thu, 23 Mar 2023 08:03:20 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=356&m=0&partner=7273&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7273%2F151217%2F7df73b2ae9c44143b01939bb098e9178_logo_all.png&v=3&w=400&s=U6DTXOPQRLJhg1oNKJpwG6Ys
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a41245c14c602ed2867989291cb4a5b63fec42770c85881aeb07a3dae7220e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29987607
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6267
expires
Fri, 10 Mar 2023 09:56:48 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7273&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7273%2F220325%2F39b9de58e5ca4f7da93214dc2d6cf37d_img_horizontal_1.jpg&v=3&w=1200&s=ybNIr8y8nGP0jBHyAjMccrTc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4e2b3f251158c6b963e1ab574329c7b4f673057e1df9256ba82a87dd9e6f7afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30851019
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
39602
expires
Mon, 20 Mar 2023 09:46:59 GMT
49cf3d4beb6a4e1087ccf4630ee1cf9d_cta_m_o.png
static.criteo.net/design/dt/7273/150707/ Frame BFE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/7273/150707/49cf3d4beb6a4e1087ccf4630ee1cf9d_cta_m_o.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9362e78275050a5f3a0b98e969a1083a8ed4318f8d063938ff4478e58177d310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Tue, 07 Jul 2015 09:28:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"559b9bac-8c6"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2246
expires
Thu, 23 Mar 2023 08:03:20 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdw42e3f97e%2F405266_90CX_1__39605.jpg&v=3&w=400&s=Wuy5XStabqJckztAFZ-wJutr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6abcc856493c3bc586b48f007c7abb1cf9569eba693ec7fd08a40f19651f1452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2193501
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
35626
expires
Fri, 22 Apr 2022 17:21:41 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdw508eeda0%2F405238_40RX_0_FR.jpg&v=3&w=400&s=r2-2h5hQF1KF0qhwqCM0GRgv&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2cc201ae0daac46220dabff1297ef04b00c437c828ef7fb595db2b38d7d2d09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=949054
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16692
expires
Fri, 08 Apr 2022 07:40:54 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdwf2a1e0c8%2F102769_10WH_0_FR01.jpg&v=3&w=400&s=OsMtzahxayDw4FuRDw7BgqGR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
dcfa4bb2f3d098b3b627005d80d6ec62b61f97653e92f35ed735adad4f786de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2366842
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15368
expires
Sun, 24 Apr 2022 17:30:42 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdw7b366085%2FSAMIRA_MIGHTY_IBIZAIBIZA_FRILL1.jpg&v=3&w=400&s=9ZzHzvPHnNndOAg4pacJ2vcp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9f0eac2429f50c03954bcea78a2221626a8d446afa597366feeaaa9e533639b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
49768
expires
Mon, 28 Mar 2022 08:03:20 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdw48878a56%2FEMILY_MOUSKIDES_300314_80KH_3.jpg&v=3&w=400&s=pd3VOKXS95sfJHIIh64rtI3r&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c12160730fa3ab112d480e035b0f791be9e2a680065e289dc72cb421dcefbee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1664941
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19018
expires
Sat, 16 Apr 2022 14:32:22 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdw3958a462%2F102071_10WH_FR1.jpg&v=3&w=400&s=TQkK255bPtzziaVJ4E-rIuPj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
78e232ebd166860de3d218268afcab0db5f7dbaf888d5cea0e837613639c1d6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2404569
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16606
expires
Mon, 25 Apr 2022 03:59:29 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdwd16dd1a4%2FJOANNA1.jpg&v=3&w=400&s=qTLxigsJM8PieK8LH2RdkbzO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
05b66c4b0f4a790e3621acf7239a6822789a60016fe71e9686e350439d2d2642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:19 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2194092
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
46110
expires
Fri, 22 Apr 2022 17:31:32 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdw744dbd47%2F209539_01GM_48248.jpg&v=3&w=400&s=mFBLgdvn1N-5Vl2zBOpjM4qV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5110f8151effe17975322d67986cd3795903f281dc16ff33cbf10614aefa3447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2369389
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12126
expires
Sun, 24 Apr 2022 18:13:10 GMT
img
pix.eu.criteo.net/img/ Frame BFE1 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=7273&q=80&r=2&u=https%3A%2F%2Fwww.bouxavenue.com%2Fdw%2Fimage%2Fv2%2FBBFD_PRD%2Fon%2Fdemandware.static%2F-%2FSites-bouxavenue-master-catalog%2Fdefault%2Fdwadf04941%2FTAYLOR_WARD_MARNIE_PJS.jpg&v=3&w=400&s=TvOj9nCI4ArdlTTPMfPrNRHO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0adea1db9d386f9bbd55734d4b04c52404242ea73546940f73f535655230b44f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1974645
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
28298
expires
Wed, 20 Apr 2022 04:34:05 GMT
all
csm.eu.criteo.net/ Frame BFE1 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rAmEDBpumL3e34KYBjMqBpK1yROJUanr3ENTZHqwZBGvcXhFz1q9Re34UWy5qVywJNbaMBjFcGHB2osL5BJMwImLJTJyz-FSqqj2wEALVBhYK4mm5nJGUOohqVVRhxNGqMOrOV0910hfL-hVDnoStWugYONpUxPSFGbdbvtnSlBKI2gSjtCwzQLP9h_rzJt4nyU96bhjG53tIwndmUZAkwlTo6FLRitNgGwvJZ75IAPOQrpmmWxWYIRmu3EG_6wZEICChw&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:19 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BFE1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 08:03:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BFE1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 08:03:20 GMT
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 57D0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish
124288944
Cache-Control
max-age=639
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5953
Expires
Mon, 28 Mar 2022 08:13:59 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame E65B 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame E65B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXjTX8yM0b4qJxO4Eka5enRHwMhK_OLIURmfri06Zdeb8TnKw8&d=CnkAoCZ_4ESKhsJyIOT_IqKo7aqE9Lhq724w_O6diULu6vzFI73l6sMRdReMmHdNNe6mLanJtct1nKM7sGHs5il8oP9eP6OHETYFnDd1QSAUrWkZHMROQbQWF2y37z96nuN_EbQy5HsNB6Nbu19d9tUpQO42MKBAYTLjEtkUAKAmf-CFnZ8887npFwQl-fABitJaBbvsUR2-TgpLPRv6gFPPZT_kV42dOH4qOo8zbvLkc3MkM5hAv2Qvt8s-ZXhGTM7L_PO3Agd7Vsx7vAQMtJU6NQbOkZEFPjYHesMa8oAklHXNEOV9PLaMVGzCKppyi9mtCtyLopDVEKmcvivfUXBhMI36HazAUT5z7P2FJ1-Hcl9t7Q3OFYs66ST3yYsx9fRE-vBzS-0WD_1SMVDKbnzXi2-L8gBCCSqAXNYvTnjCkCaCoUyOrM-exmZ-n8Tukl33zOJNxDXq9BmhLM1ozmXtcV85idFn-51FEqEO3_W1_VJPlnx--nvg9lzKOYEGyN9_xgkm0TLrnIvNDv0iqFjQXOalo8W_gc46lImgkjUjZRkESWc2uxbYR6wAu9Ra1Ona4toypCodJYf25r8fVXX2FFLhbC0CbGr_41o8OvHMBV_ys738JtqAyICtIB2VFnQDlxnCOD_X6ZJO-KE5cDLkzk2XYHv0idZoelMthopen39YKTakMmDwbYOn2CStr17ParSFcv36gdWumf5ntoncWKIOj67hIvLOIqsu-KfVJ7fdw8klGrGAPskjyuCB98R3HFtwxqGHms64agY5rtMekNNodXgG5x9jT_Om-aE9UcOPYhkFEVyYkpsaADwLaLtZwa3vUQm_J6xW5Fp583f0V4W37D7CI6naN-yKmC4BC4I48-O8fkZaaYHrDTEuA_iPILeqNnNn8Ti0Cxknr5l-7gXCrE-JE1TEMCUk-f2osMsntTrKjF8WYIDALA8taD7FrOwhngS22u6vajWBJZck8UoBIVfCsXPNEnikd0f4D7mhFGqQEc449BmquvEafQ9RjtYChxGz9nGCSnOisYSPESgseL32Z2Nh40qtuF4PVvfg11ifxBoe6dBuuEtZejnd4igrlKZo2Yzr2VP7iKKZvTQMCEUoG4lOag_pTTLG4A97bl0lDWW_KRyaxZGjxsYA8v0VwnaHRwf82pn_Rnof3bAKW3eSHJx4abb0vXbQChtIIlKV6Kg7V9mdPrm2JSFH3SVJq_RJJefAhP0b0-iU2Bd0hgN9frU_5djjcUzgI59U2LA3-3Uya8tyQimhOkSMH7E2ZId5iYmRl5Zgy-bWFDv1ZhZ_NcrOBBRMRDLlbJYuTISL5zBmaFk11MEsg2znDnLvt4Vqaxl7x38hh_OCXiJl4NuZ0GEnbGMCex6iUAC2RtoM27PItfC9yCyFrw4wwiCmQXo_cplmxTwB2xyZEuFr7eg6bxT4D1vZUH24_d0ZybKuJcdHmhndsbQz9fGjL0LGcLZEKvR1k3ZMoFlk-3Oay-RkLp6GlY-Tq2LjKf3HGjZYm6a2CJ4JK-0JOMqUoZebayr_fAgnKoHW-SAZ9cU64tLM0MI25v-z4tWWnkf3564ujAhqZZT6hINhzwfpMHruVBmD7tSqbYMxXV1dVs9RmMwvN7icObZNuZrAiDTtL8xanF_v9UwbrRaTnS2prGgdH5dtS4nXPfO298FNhwojTVJgcDZQoYq0YqG9wxTAKwH_hEqwFtYRebpqvtpljqvBW_kwSp_TzyIOvn9MTVm9pvI2Lo7SxGJAkzPjsxiPEULG1p6k6O7neaqieMyBq8wnV6O7PCWqMFA7Ys2OcMr-xdqejgNCgx1c7sSnq0lwcQEPWiNq4m76-LPBGPGuSR-WnxDVKu9NjTJ7CEAxkeZxp6LINSnAzCxujK4WiZsbcBlNidtv3aqtUUya7QTy1-OyQVB7BQDvdR5658IJMompQUgbSkZEnAGiVtS1iwljQJd8aUyM1KY5df3Emk-1h52GWAgn0jU2hjFx9mmUxb3fISlWYfZTHi7thl574JnINXVUabQM8Bx32Y44AIVz4gMvnJpNPBDHX4sJQMGLm5-6M8HcJrJDUsL5mz5JubQA3XjAaD5gT0lT0iRn8mbYX8P-5x8lftrQ9lUK50RrZ0bPRNwmkHrZbtkeJpmTjAfBNhcSHv-Sii4nvruvw2TAcn30H2m92avwSrYE-1N9UxulI2n_KWgtwbrc76avgNrDoKymHnBYP0vjOEDFpKoqqypeuS9C7eO93UE47mRTVOMBr7aMQju_ZwSqiQ-dkjKUoTej7uDuQx3qSGEcaq2HoLmu_9Q0J74xcq6Q3GSs-vjA5xt1TzUruhOMMZAq8XWVOjC-7HMfIJZ99SRv1HyZwqvKa9Nv5v9nc6S0HSuXeWf9xvvQBJ1VhBF23HEJZszwnzWGjv-x533KPvNXajZBzJKO4OplmQ7kvAe25sGGl9NMQ7x6JCU0Yk8bhS9vIsGf6Ggv7QIahtWpUxEe60GJmfbSBEyuLCSjjuJlQlq6NvfPSTq0q8yHai4hHEdqwxYL1dH70oiJr2sF0n7cuWP-MWhsKtAq5NRxhWN1rH9I572O1j2X0kZwr_ACWwwbFILk-8Wt-s743Kwoj2dmfyMdcbugi-tLW-c1Z0O6idR5Lw95zJkrYJsLY5L5PfUDOEOXsWepdINtSr1wQBMZmO52gFgAI4JBYbFjbeo1kt8SNSslwdkzAAMDfUMsu25nIOyH5Lj6n6EheDQO73pogM5LTc6avbD37aJ3068x5RVRMdLz2jlRPMHtjn49zrPMAS24ad8Fkxcf0-LeQY1Ktdxa9bQYt_FRdfVYYeMlLLE6fw5IzzE9sQ-FyC5SVdfOr1f2vBF4HA6EhQbCcliRhIT3CMRwzFY1R3UyCi_g1LCTMM_mIDkiYp20jXkg2XiGLZ6JhsDSJsZVw-NttoyHU6ufbrMaGSPQ-iQFmgGZUwh_OGzIJBDlm_mvBy4zMXM1UjsQJKR_CLHb_4xwxf5I5zGf6xzggg5MMVVwY0PkpvncZZ05ZBdcGTtGdbKp_UXFgj12G2UeD3xKi7ZFWrF3o329fhZQgZPCQTw4N3XgT6laWLW43jyItBRE2pzwsLgMQ2_ESBEM-4ajA60NyZlLKgY9Jt-yxdxZTM3wc5glUVkDMNx0iMo8UNvAvbfwi78Y8ag46wc78Z4NyXKCp7RxaaQzlmaSBqh65AclIJGWD19Dvwq-L_OaxaM7NAA6V_Sfg_szwLqbZG38XA34oL949pA1Xx6JDNlzLJUX6cQ7kzSjEeZ6IzrKGvxJ1bGd50ut4kKS9f0_j6uhN63bYqy7oYFGl-u_q2aLnew61NzzHT9PN5fKUIWTs-8kT4_2zUAdcFsX8L_cAwHpkO1F0Tk5jmfzXNvSnpeYbFRMT7BS2G0CJDliXaNBarzRCekkrpzR_bmwmLaZ75wL1ENchhSodUvn5Gt-qE8AHsVM07nb-RRAR_GC3bg5csx0GZaUhIh_YiEGfLt4GwrAuuC1W8HeKrUcd57azkW0J_YS3eCeB9CHAA8HqirmSmV03A8OXDsXS4W1y5d7_owSBnZyXsYsYe0ephRp0Wv2m9wRO2GnMuFkt8lVoqpm4acbr_eoBdoZLIzS4wXuEaySO7eUgB0_0ZO-KoVXDNtfUKHUbL_2DARjHH2TgFYBE1dSUSTAXuX15Jaw5Q-AGikIABIl5GhGqHBQ5aG5bBXbcC8TF1Ap-LeDSBk04Q8DkAs4GCChz-wJTmAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:00:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame E65B 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXjTX8yM0b4qJxO4Eka5enRHwMhK_OLIURmfri06Zdeb8TnKw8&d=CnkAoCZ_4ESKhsJyIOT_IqKo7aqE9Lhq724w_O6diULu6vzFI73l6sMRdReMmHdNNe6mLanJtct1nKM7sGHs5il8oP9eP6OHETYFnDd1QSAUrWkZHMROQbQWF2y37z96nuN_EbQy5HsNB6Nbu19d9tUpQO42MKBAYTLjEtkUAKAmf-CFnZ8887npFwQl-fABitJaBbvsUR2-TgpLPRv6gFPPZT_kV42dOH4qOo8zbvLkc3MkM5hAv2Qvt8s-ZXhGTM7L_PO3Agd7Vsx7vAQMtJU6NQbOkZEFPjYHesMa8oAklHXNEOV9PLaMVGzCKppyi9mtCtyLopDVEKmcvivfUXBhMI36HazAUT5z7P2FJ1-Hcl9t7Q3OFYs66ST3yYsx9fRE-vBzS-0WD_1SMVDKbnzXi2-L8gBCCSqAXNYvTnjCkCaCoUyOrM-exmZ-n8Tukl33zOJNxDXq9BmhLM1ozmXtcV85idFn-51FEqEO3_W1_VJPlnx--nvg9lzKOYEGyN9_xgkm0TLrnIvNDv0iqFjQXOalo8W_gc46lImgkjUjZRkESWc2uxbYR6wAu9Ra1Ona4toypCodJYf25r8fVXX2FFLhbC0CbGr_41o8OvHMBV_ys738JtqAyICtIB2VFnQDlxnCOD_X6ZJO-KE5cDLkzk2XYHv0idZoelMthopen39YKTakMmDwbYOn2CStr17ParSFcv36gdWumf5ntoncWKIOj67hIvLOIqsu-KfVJ7fdw8klGrGAPskjyuCB98R3HFtwxqGHms64agY5rtMekNNodXgG5x9jT_Om-aE9UcOPYhkFEVyYkpsaADwLaLtZwa3vUQm_J6xW5Fp583f0V4W37D7CI6naN-yKmC4BC4I48-O8fkZaaYHrDTEuA_iPILeqNnNn8Ti0Cxknr5l-7gXCrE-JE1TEMCUk-f2osMsntTrKjF8WYIDALA8taD7FrOwhngS22u6vajWBJZck8UoBIVfCsXPNEnikd0f4D7mhFGqQEc449BmquvEafQ9RjtYChxGz9nGCSnOisYSPESgseL32Z2Nh40qtuF4PVvfg11ifxBoe6dBuuEtZejnd4igrlKZo2Yzr2VP7iKKZvTQMCEUoG4lOag_pTTLG4A97bl0lDWW_KRyaxZGjxsYA8v0VwnaHRwf82pn_Rnof3bAKW3eSHJx4abb0vXbQChtIIlKV6Kg7V9mdPrm2JSFH3SVJq_RJJefAhP0b0-iU2Bd0hgN9frU_5djjcUzgI59U2LA3-3Uya8tyQimhOkSMH7E2ZId5iYmRl5Zgy-bWFDv1ZhZ_NcrOBBRMRDLlbJYuTISL5zBmaFk11MEsg2znDnLvt4Vqaxl7x38hh_OCXiJl4NuZ0GEnbGMCex6iUAC2RtoM27PItfC9yCyFrw4wwiCmQXo_cplmxTwB2xyZEuFr7eg6bxT4D1vZUH24_d0ZybKuJcdHmhndsbQz9fGjL0LGcLZEKvR1k3ZMoFlk-3Oay-RkLp6GlY-Tq2LjKf3HGjZYm6a2CJ4JK-0JOMqUoZebayr_fAgnKoHW-SAZ9cU64tLM0MI25v-z4tWWnkf3564ujAhqZZT6hINhzwfpMHruVBmD7tSqbYMxXV1dVs9RmMwvN7icObZNuZrAiDTtL8xanF_v9UwbrRaTnS2prGgdH5dtS4nXPfO298FNhwojTVJgcDZQoYq0YqG9wxTAKwH_hEqwFtYRebpqvtpljqvBW_kwSp_TzyIOvn9MTVm9pvI2Lo7SxGJAkzPjsxiPEULG1p6k6O7neaqieMyBq8wnV6O7PCWqMFA7Ys2OcMr-xdqejgNCgx1c7sSnq0lwcQEPWiNq4m76-LPBGPGuSR-WnxDVKu9NjTJ7CEAxkeZxp6LINSnAzCxujK4WiZsbcBlNidtv3aqtUUya7QTy1-OyQVB7BQDvdR5658IJMompQUgbSkZEnAGiVtS1iwljQJd8aUyM1KY5df3Emk-1h52GWAgn0jU2hjFx9mmUxb3fISlWYfZTHi7thl574JnINXVUabQM8Bx32Y44AIVz4gMvnJpNPBDHX4sJQMGLm5-6M8HcJrJDUsL5mz5JubQA3XjAaD5gT0lT0iRn8mbYX8P-5x8lftrQ9lUK50RrZ0bPRNwmkHrZbtkeJpmTjAfBNhcSHv-Sii4nvruvw2TAcn30H2m92avwSrYE-1N9UxulI2n_KWgtwbrc76avgNrDoKymHnBYP0vjOEDFpKoqqypeuS9C7eO93UE47mRTVOMBr7aMQju_ZwSqiQ-dkjKUoTej7uDuQx3qSGEcaq2HoLmu_9Q0J74xcq6Q3GSs-vjA5xt1TzUruhOMMZAq8XWVOjC-7HMfIJZ99SRv1HyZwqvKa9Nv5v9nc6S0HSuXeWf9xvvQBJ1VhBF23HEJZszwnzWGjv-x533KPvNXajZBzJKO4OplmQ7kvAe25sGGl9NMQ7x6JCU0Yk8bhS9vIsGf6Ggv7QIahtWpUxEe60GJmfbSBEyuLCSjjuJlQlq6NvfPSTq0q8yHai4hHEdqwxYL1dH70oiJr2sF0n7cuWP-MWhsKtAq5NRxhWN1rH9I572O1j2X0kZwr_ACWwwbFILk-8Wt-s743Kwoj2dmfyMdcbugi-tLW-c1Z0O6idR5Lw95zJkrYJsLY5L5PfUDOEOXsWepdINtSr1wQBMZmO52gFgAI4JBYbFjbeo1kt8SNSslwdkzAAMDfUMsu25nIOyH5Lj6n6EheDQO73pogM5LTc6avbD37aJ3068x5RVRMdLz2jlRPMHtjn49zrPMAS24ad8Fkxcf0-LeQY1Ktdxa9bQYt_FRdfVYYeMlLLE6fw5IzzE9sQ-FyC5SVdfOr1f2vBF4HA6EhQbCcliRhIT3CMRwzFY1R3UyCi_g1LCTMM_mIDkiYp20jXkg2XiGLZ6JhsDSJsZVw-NttoyHU6ufbrMaGSPQ-iQFmgGZUwh_OGzIJBDlm_mvBy4zMXM1UjsQJKR_CLHb_4xwxf5I5zGf6xzggg5MMVVwY0PkpvncZZ05ZBdcGTtGdbKp_UXFgj12G2UeD3xKi7ZFWrF3o329fhZQgZPCQTw4N3XgT6laWLW43jyItBRE2pzwsLgMQ2_ESBEM-4ajA60NyZlLKgY9Jt-yxdxZTM3wc5glUVkDMNx0iMo8UNvAvbfwi78Y8ag46wc78Z4NyXKCp7RxaaQzlmaSBqh65AclIJGWD19Dvwq-L_OaxaM7NAA6V_Sfg_szwLqbZG38XA34oL949pA1Xx6JDNlzLJUX6cQ7kzSjEeZ6IzrKGvxJ1bGd50ut4kKS9f0_j6uhN63bYqy7oYFGl-u_q2aLnew61NzzHT9PN5fKUIWTs-8kT4_2zUAdcFsX8L_cAwHpkO1F0Tk5jmfzXNvSnpeYbFRMT7BS2G0CJDliXaNBarzRCekkrpzR_bmwmLaZ75wL1ENchhSodUvn5Gt-qE8AHsVM07nb-RRAR_GC3bg5csx0GZaUhIh_YiEGfLt4GwrAuuC1W8HeKrUcd57azkW0J_YS3eCeB9CHAA8HqirmSmV03A8OXDsXS4W1y5d7_owSBnZyXsYsYe0ephRp0Wv2m9wRO2GnMuFkt8lVoqpm4acbr_eoBdoZLIzS4wXuEaySO7eUgB0_0ZO-KoVXDNtfUKHUbL_2DARjHH2TgFYBE1dSUSTAXuX15Jaw5Q-AGikIABIl5GhGqHBQ5aG5bBXbcC8TF1Ap-LeDSBk04Q8DkAs4GCChz-wJTmAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 07:59:35 GMT
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&m=0&ar=9f397fe3151-clean&iw=5b1803a&q=2&cb=0&ym=0&cu=1648454600446&ll=2&lm=2&ln=1&em=0&en=0&d=18966%3A170420%3A6331246%3A3451559&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=0&ii=6&bo=18330&bd=kolobok.ua&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&gw=allresponsemediaglobalftdisplay739160694092&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A450%3A450%3A0%3A1150&fs=197724&na=1534154598&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 84AE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2023 15:10:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 04AC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
7776
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 84AE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a307f896bb746a7c71fa7185da82d66193910ce94c3926bc0e24412173ff510

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FD82
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHHeMys6GbiqdVpiheSoJ9I&google_cver=1&google_push=AYg5qPKp1UsZpNJ8RLDIsi7UGJDptnuO8RCAWHcDHRq6D2BQwxjITApwHHZfX6KddhZxMbsQhzgKSMm3f8cRDPHRmYiXCTG3OfQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk0NDM0NzY4MDg4NjU0MjQ2OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_MJhFU3bPotyKsTcqES6Y&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_MJhFU3bPotyKsTcqES6Y&google_cver=1
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_MJhFU3bPotyKsTcqES6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame FD82
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBoaU4KoxZNSKoJFlbB8jzc&google_cver=1&google_push=AYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBoaU4KoxZNSKoJFlbB8jzc&google_cver=1&google_push=AYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uO...
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBoaU4KoxZNSKoJFlbB8jzc&google_cver=1&google_push=AYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f2ed947bb097717-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5593
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f2ed945efec7717-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBoaU4KoxZNSKoJFlbB8jzc&google_cver=1&google_push=AYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI_P7a7GVo307F7ei4YBp9cqawnColly516h_8ohAgasgmVFBRfZm_2owvnCjqYlatSjoEVZd-thXH1JvWR31yrISmk3uOy%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FD82
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAuZQ2ppeng8dj_vY4umU4U&google_cver=1&google_push=AYg5qPLwwcKAiPNaRpoR6PynitBzMZ_nYcx0U8tz8RJUoXtYwtA2UlNgleoWOLpEoZV9-Vx3sb02MlwUtvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLwwcKAiPNaRpoR6PynitBzMZ_nYcx0U8tz8RJUoXtYwtA2UlNgleoWOLpEoZV9-Vx3sb02MlwUtvZMr2tN8DrQxl9B2hM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLwwcKAiPNaRpoR6PynitBzMZ_nYcx0U8tz8RJUoXtYwtA2UlNgleoWOLpEoZV9-Vx3sb02MlwUtvZMr2tN8DrQxl9B2hM
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLwwcKAiPNaRpoR6PynitBzMZ_nYcx0U8tz8RJUoXtYwtA2UlNgleoWOLpEoZV9-Vx3sb02MlwUtvZMr2tN8DrQxl9B2hM
Date
Mon, 28 Mar 2022 08:03:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame FD82
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGQ3M56g3qDzg33MipkPix4&google_cver=1&google_push=AYg5qPJDpEz6zPKQTMxv79V5mBISyr_lETQCpajVSEg3wdI3NBBhttrDOwNPwNk_LcCoiMy6IZyerO-rnNuKRjy8aSP_SIH...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDpEz6zPKQTMxv79V5mBISyr_lETQCpajVSEg3wdI3NBBhttrDOwNPwNk_LcCoiMy6IZyerO-rnNuKRjy8aSP_SIHIL9VH&google_hm=NjA1MzU0ODYwMDkwNjIyMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDpEz6zPKQTMxv79V5mBISyr_lETQCpajVSEg3wdI3NBBhttrDOwNPwNk_LcCoiMy6IZyerO-rnNuKRjy8aSP_SIHIL9VH&google_hm=NjA1MzU0ODYwMDkwNjIyMjg2Nw%3D%3D
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Mar 2022 08:03:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDpEz6zPKQTMxv79V5mBISyr_lETQCpajVSEg3wdI3NBBhttrDOwNPwNk_LcCoiMy6IZyerO-rnNuKRjy8aSP_SIHIL9VH&google_hm=NjA1MzU0ODYwMDkwNjIyMjg2Nw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame FD82
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEIvWsqy7zxV85UU3Dl1agvU&google_cver=1&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5f...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIvWsqy7zxV85UU3Dl1agvU&google_cver=1&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GK...
0
0
um
cs.emxdgt.com/ Frame FD82 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESENmpMvM78QeKHmorTQjvrO4&google_cver=1&google_push=AYg5qPKTcq1ubQlo9nMKlWQJW2YrhF6wt73dC7s0VX6AZbq92oidAFot8fsvodHBFdIm6u379dXAP2X2S6QnORJ_4Coh40PauL1Qpw
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame FD82 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQSzrWLAsdZCnwcT7i--K66cvbQ9qlWvitVLIQa3p9vVYQ16ksBIfd242qWwkxF6Y
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame 9D07 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
39176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 21:10:24 GMT
index.html
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 11BC 		124 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14e3682452826a69718b0db8dd9ab40bdd34792151733fc2339a62f44d3254f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
30971
date
Tue, 22 Mar 2022 10:25:35 GMT
expires
Wed, 22 Mar 2023 10:25:35 GMT
cache-control
public, max-age=31536000
age
509865
last-modified
Thu, 10 Mar 2022 16:36:47 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 84AE 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6mBBLSRutrL3ADX6Kt9F9WUMogRgo6rP4HNTbxJL_JlM7rZvpXpMdqOt8AXBqL2N2O0vKySNTrQx_dKK7ci20xlfDTtM3C5UzMZKtwKJVd4pkSb6Yc-wS3cJDu36X7qV6_WYNljYjhLzmXrd8lq1q_5HJlAnR8HAgb4hjwHef85FbUHv7tO5N7Cl_7-O_GXf8c0Bl1Oq1jVMW2J62RYAEHwB0Im-fehve-S5Y5AfqmiWOYszexo2Gb_IOYn3dc_WEa7wB5zFRv4SSWa4OH-k6t5rBA9ftuu9gKiAh8HRhA6UAsguEZdMSQo5jsoP3o6LKHq2tHs3Au1Mv8kcCOZ52tMfp8ZuJ5TulKdSXbDfZiRBCMrrFhvER5MaaNBcOqKa0kfF7VMYI7mSLowRvKwNbMn79rvsAMJndOKbZHjzDf1zYP8Xa-xzed8rvoiNWT43wWTdGoFodxHqZ-zkEG8CB4VBZwH5qhILGAH3AywJzbyE0HXJTobbWvEXDVWv5WE67jZQhOKK37ENBz2g0BL5lDuT1KvJgMEDl_3xNwLvfwPCZfSlVeYMv7MmZNj65i452sbuqGjEQn2JsR9tFciGxIzyuCKjooA1C0xiBbqBT76wc9WFzKs5FfiGH32nIPXtIo-jlJZTr4vjvW6oYa_V7ucN3_vu-rrYBszxSmyTTdFtt0tFCmubNPj1wPXW05-ITY4ulTlJ8fDY7upJyMYrzLxizmKF6XlOq-MRqHvxd-lvR-UuokbzRvdQ5Hxy01HdbaJFWqel1P7Vy1fl6rax8IaBkQBbI08fDpbXdn5zK43DZWhBzY11ZX4wWhfmVUhWzV05-gVT6S0ximECPLGcxGeFTTObm1VUhHmHVwp4t-Bk4P0XP-rO1iPWlb96v-jTprBGlaFFlrXXlovRfnkbM0LJNvlbj6MqL34Cdl4WTQxg2nEedxMBoRklgfa4xeygHH27rmW5W60puTaszmnlNBHsbks2eZiyhz1i1As090iK8XX-kGhaB7FvlDL5zVPi3jjuWe66KhbqkalL0YGEYK2YvbLspJZLe4tl4MxNJMdQQDmdVUz2fb4gN5F4YrkXONhY7vPK3oReV3-f27T73b642UDl5wp6rfcu9SLWS2juQuu2Pq_6QJtKX4Z4EwlCT3_wnW_mXh55wdVxvhMefMM-WRIrqys06bFdRpj3tbn7wm3ps1qIl7Xlxl7BL7H1n&sai=AMfl-YQa6Nv5SxvvkRrrBQCj5APWQcXOGoDvEq9k_qgTQCE9xf_BLY0514B-8PQx6R9l4O9JA0FWLp6lOzsyAy1hgsdg1b0xoeCTxkRy5cU-tRGy8Y57YUvQJTdJRVq3Kg2P5A9J__PGqqQ_916bFDTGHLg70MdPCdCB9AWhfntKUO5yTfVzz3WL2gzl8oh9bHLKcSFdZZZ7ozkZDbFf1ALit2jO&sig=Cg0ArKJSzGWdyXeRbMlMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=272&cbvp=1&cstd=270&cisv=r20220323.97117&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 28 Mar 2022 08:03:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/14953942473639587053/ Frame 09B1 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae1d820f1ede30ca2d21bcc1e63f4ba77d43e7f44baef8c8cc184fdbad0240cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2253
date
Mon, 28 Mar 2022 08:03:20 GMT
expires
Tue, 28 Mar 2023 08:03:20 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame E65B 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9cURcG_b70Ulrj-_LLI8K7L5kPyYQdnUPxxpvZo6eHyG4ohPE4PwItVoh_LSLsy-caUTuamlXcNxeAoAW7pYF81qyXVo0KjqiPsDp96NCfTT06qWRZvA-fOb-uV77aGtq_xPd6L-iiLVyytn7&sai=AMfl-YSTivUyVuv_E5DkR-A77xoduj0Eubsa8nmH-kyaBHw4G8H7wgSmrhDy6ETm3nZQXEih9ysU6pc_-daaYaNRmfevp333MQ6RIyotN--M6eG4vjIjKV0IviRz2lTM&sig=Cg0ArKJSzD9Aapzba5iPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=195&cisv=r20220323.40275&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dv-measurements2439.js
cdn.doubleverify.com/ Frame 2B9B 		513 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2439.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:494::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2f2668f538fd2169ea4cd0341da6b502f9bb741adc42cdbeb546b41b1fafda60

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Mar 2022 04:14:03 GMT
Server
Microsoft-IIS/10.0
ETag
"80f7b425a42d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97027
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 167D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
7776
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E65B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d833010ef20705b6f1b6845dda6be1ee03057098521b128f6c43402717b1b244

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements2439.js
cdn.doubleverify.com/ Frame 9C99 		513 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2439.js
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:494::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2f2668f538fd2169ea4cd0341da6b502f9bb741adc42cdbeb546b41b1fafda60

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Mar 2022 04:14:03 GMT
Server
Microsoft-IIS/10.0
ETag
"80f7b425a42d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97027
assets_728x90_1.png
cdn.flashtalking.com/142462/3451559/images/ Frame B663 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142462/3451559/images/assets_728x90_1.png?1618593763894
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
8a25ec3cccb8c158112c6b231d0c0c081946df6d9b28f76ddf4788aa824bfd4b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142462/3451559/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Last-Modified
Thu, 13 May 2021 15:41:24 GMT
Server
Flashtalking (AKA)
ETag
W/"4a342bcd3b154b70d1bc4876579d4fae"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
661763434 661663535
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
105866
Expires
Mon, 28 Mar 2022 08:23:20 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 53F5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Mar 2022 09:34:28 GMT
expires
Fri, 24 Mar 2023 09:34:28 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
340132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.flashtalking.com%2F142462%2F3451559%2Findex.html&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=68&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A450%3A450%3A0%3A1150&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=51&cd=0&ah=51&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=988664218&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:20 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 04AC 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJkbq-bvuEGkN6xRBJ1nG_o&google_cver=1&google_push=AYg5qPILM32djp3TXlfA19Q4MbU5njDQ-SmMqUxQgxmopO8vg9t2_-0Tpi9qwgJTln6ifdx9c5cq0H7ssQjT3O6seolMjhWMw1-5
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 04AC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3nvyOIofLIAuY6DqmNxww&google_cver=1&google_push=AYg5qPLv-wPoRWEorwUoSiS79rPOyTAYjRh09CIgh4QYve5wlDqYIdxnI6GKniD0KH7krYCA9KxeAZehrJ4jGBTLwQaS13o...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLv-wPoRWEorwUoSiS79rPOyTAYjRh09CIgh4QYve5wlDqYIdxnI6GKniD0KH7krYCA9KxeAZehrJ4jGBTLwQaS13ogaEuE&google_hm=NjA1MzU0ODYwMDkwNjIyMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLv-wPoRWEorwUoSiS79rPOyTAYjRh09CIgh4QYve5wlDqYIdxnI6GKniD0KH7krYCA9KxeAZehrJ4jGBTLwQaS13ogaEuE&google_hm=NjA1MzU0ODYwMDkwNjIyMjg2Nw%3D%3D
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Mar 2022 08:03:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLv-wPoRWEorwUoSiS79rPOyTAYjRh09CIgh4QYve5wlDqYIdxnI6GKniD0KH7krYCA9KxeAZehrJ4jGBTLwQaS13ogaEuE&google_hm=NjA1MzU0ODYwMDkwNjIyMjg2Nw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 04AC 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEABwA8FaAEgx3yQnkH9E3qI&google_cver=1&google_push=AYg5qPJBlr1-Geg1HV4PjngQaFk9pS5b0ACz_1JiOTwc0_-NvG1IvEkjyyaDvM15sABNhbVbq0YppdjGem9yoAn4oqfbKexZx1dv
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:03:20 GMT
pixel
cm.g.doubleclick.net/ Frame 04AC
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELkozFBTHVF67j3IsfxvUug&google_cver=1&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELkozFBTHVF67j3IsfxvUug&google_cver=1&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopN...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu_T_xl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu_T_xl
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLt0l_uq0fyBY4AlOp24IxuJvZ_cS9gs69f3vfej2OmlWVdGz_OzCSfK78aE8QSG-iYlKaqQfiWMVZWJNBtRXopNiu_T_xl
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 04AC
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5rCeh2WymZl_eZ9P4SAYc&google_cver=1&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE8...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5rCeh2WymZl_eZ9P4SAYc&google_cver=1&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE8...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE82UnedU1NsyY&google_hm=2c61ec2a540db538d08fe646
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE82UnedU1NsyY&google_hm=2c61ec2a540db538d08fe646
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 28 Mar 2022 08:03:21 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLNfOGhN0feugNUOPJs6pp7r1Ws2AndGcfoLoc8FAqyozauLUahWX9C9L1hD7FcixhLJr4JubtgPI61ZgfE82UnedU1NsyY&google_hm=2c61ec2a540db538d08fe646
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 04AC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-3fe4cc2d-256d-49e8-82d7-0f7c1f5e36b4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIe0b8RtQYMwP32wOIvn...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4&google_hm=Az_kzC0lbUnogtcPfB9eNrQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4&google_hm=Az_kzC0lbUnogtcPfB9eNrQ
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIe0b8RtQYMwP32wOIvnRqvYTCpHb5xlGwu_A8_rLoV80tOj2o5rhVcZd985A-Ij8KC2DaxZHRzM4HbW_K2bByjLws6Ub4&google_hm=Az_kzC0lbUnogtcPfB9eNrQ
date
Mon, 28 Mar 2022 08:03:22 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3fe4cc2d256d49e882d70f7c1f5e36b4003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 04AC 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEH3kiZVcfjwq6Ez7VbiUvuY&google_cver=1&google_push=AYg5qPJcbkebGSTpqSV_jbb4CvNcBfbTPOpMVgtlWo39egv2lrOVQmuBxdG15vAmyQqf3_IFNjonQVDxP8eqn7v2ChG-isgJ_7mckA
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:03:20 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 04AC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOWEfuGbQkhcgp3SyMESbIdcIQ6MtlkRouVevqBoGgCRsNklM7Zt-RlEMwhF7f5VC0l0A9ew
Requested by
Host: 06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
URL: https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCXdXx2tBYq_HJsiH7_UPtqCQkAwAAAAAOAHgBAI&bg=!bm2lbSnNAAbzJazn0yU7ACkAdvg8Wq2jdJJpTvGUf2tqqiIZ_FeL8lHEGS97fndnPl9L9qJ6qfpo2AIAAAF3UgAAAAZoAQeZAwW9zvWsVbheRA6PSf4yg9Madv8Cee7LeqYTg45oCob2yiLQMHtSvU6FSCVdr6G5gkwEdWCd67IlVMecE-YuDDNctbSHLMjwRezF15iFyBpmGunes8C_RtbsHked3v3_H1piHrXZFpJfj1N-GfKn3ZCKxeLfemOdjH1yGrCmXWuYGewb947ae2mhsqX-ZUdvS3KZnd7160umAJz2WYC-wghoglzoxonw8EvUk8jltCjaqagCK6TUByQ-RUz1I-gEah6UK8571847WDqyg9rx2ySQz2fXsuCvEe6IDy_aBS0T9GDTFmYuOhPPdox9KT73fTo0YFe62VO-TaiRZG9pLZnkXeqpAXCEoJo5_91ERA2uaX2YE0RVC-TKHLtTOucro0U5Jje6AXaSMirV9NjYAiIA-yuGG7EYXsDi2hIEASBCaVLHO8Rfm8yxmui-cvGOpQhR6Pse-36XTNuw0ulNc-xeEryX90oHtS-cV86K0GRc7s658bB2A1b5a5Tcm23N8ex-8QInrjGtfguetz351pLYyotWVykvQkH8xqw1-TFooBjtTbbj8tHdqimCvivMZpSxXxrZE4oRKWPd7LyJk7ud13CCBL3xs7qMmMB4_iLf-ejoFLoQZkYv6DjZ6JfT87oYFgHPdscOngfZIildiR9bBLRYX5NlYoSQ9kazapVXmjKKCwu_TeFWU71qFACJpjQu_F3rhhOBZ-TxL9IONnQIIf_oqTWS51oaloGzqofhB-7aWFyCy56XvzNWfCf2GPGjwmGxAccdtUSh3MAZKPUqeYwAxlo_nP4wHmbUuIwd_fg7pkczpI_Gq87HN_KSpInFYyCNdY1M84TiSxPZ2jDMY5Q1m86BcSGXAewD5h8RD_rJp-1j-bxVvXkwF-Ox8ni7PK_66m6X8r_VhieCEnzCMQptNbe5ARQJRN8bqOYLrCe27-XhFJdvVt9JT7e8lFltDhsR0cU-c0J_6T3piKYQ5uZMGAzJ4zIsnv0aSQZXOS00vlAqMpQXbhWe0PReemGZWSuNjw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 11BC 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 08:03:20 GMT
customease_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 11BC 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/customease_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3697
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 08:03:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 09B1 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 08:58:54 GMT
loading.gif
s0.2mdn.net/sadbundle/14953942473639587053/images/ Frame 09B1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/images/loading.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1960c94e1c5ee83bb9f6385667ce93dd64c2917b65a517daf5485de3fdee801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:41:24 GMT
x-content-type-options
nosniff
age
426116
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4531
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:41:24 GMT
noImage.png
s0.2mdn.net/sadbundle/14953942473639587053/images/ Frame 09B1 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/images/noImage.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:41:24 GMT
x-content-type-options
nosniff
age
426116
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:41:24 GMT
pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 11BC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options
nosniff
age
509865
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14547
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 16:36:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 10:25:35 GMT
dialog_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 11BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17137914016371007003/dialog_shadow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cffb4befbeb3e1d3cc390c2811565db360f23653f08849c72d0df12d0e346b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:27:58 GMT
x-content-type-options
nosniff
age
282922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1895
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 16:36:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:27:58 GMT
cursor_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 11BC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17137914016371007003/cursor_shadow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 10:25:57 GMT
x-content-type-options
nosniff
age
509843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2678
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 16:36:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 10:25:57 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB&am-uid=d73f0b5fc56645aeb99c0bc4c5c9f324&zone=A075CDDA-98BA-41A3-B223-8962EA9EB7F3&device=28&rule=990B1948-8B56-4DA2-BD8C-4C29C86D9944&requestId=b19922a9-fa7e-4ddf-a3f9-9f4aea9e1afa&hp=-1705868720&page=kolobok.ua%2F&ts=637840513984654634&ap=MTA%3D&asign=1946950308&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-5&pxl=0&pvid=c45bc4b3-cfff-4981-bc36-32b7e84854ad&ip=5.187.21.105&item=C47A83CC-55B9-42E4-B331-49ED6E236C96&crid=C47A83CC-55B9-42E4-B331-49ED6E236C96&profile=7C88FCBA-DD81-4892-A724-C3969B97E235&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
bg_728x90_1.jpg
cdn.flashtalking.com/142462/3451559/images/ Frame B663 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142462/3451559/images/bg_728x90_1.jpg?1618593763894
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
3831a0eab7d36582d8c6f9cc9a601a5d19bd36181f120fd0dcc14cf5a19db95c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142462/3451559/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 08:03:20 GMT
Last-Modified
Thu, 13 May 2021 15:41:24 GMT
Server
Flashtalking (AKA)
ETag
W/"b930399609d1cf3f5f2a780b1977c6da"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
94737534
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
15349
Expires
Mon, 28 Mar 2022 08:23:20 GMT
pixel
cm.g.doubleclick.net/ Frame 167D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECtPJpGcn_h9K8H5xwebmZc&google_cver=1&google_push=AYg5qPLaQggnh_9kr__RVcn2_W0VExn5hJPSHKJP_8G1Zwsn1nyPiLC5Ew...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLaQggnh_9kr__RVcn2_W0VExn5hJPSHKJP_8G1Zwsn1nyPiLC5Ew9sZXiLbSWQvHUBcWOfj0FBuM4giCDoZbWHCyLhOJ7X&google_hm=kJ5zhbgx6bh4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLaQggnh_9kr__RVcn2_W0VExn5hJPSHKJP_8G1Zwsn1nyPiLC5Ew9sZXiLbSWQvHUBcWOfj0FBuM4giCDoZbWHCyLhOJ7X&google_hm=kJ5zhbgx6bh4plMHa8X6kg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLaQggnh_9kr__RVcn2_W0VExn5hJPSHKJP_8G1Zwsn1nyPiLC5Ew9sZXiLbSWQvHUBcWOfj0FBuM4giCDoZbWHCyLhOJ7X&google_hm=kJ5zhbgx6bh4plMHa8X6kg
pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 167D
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJHxiGxCTUOe8QJE3jnjfe1Xjt6f81i6uvYJhz...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtGcnlRQUFBVnp3NEhaaQ&google_push=AYg5qPJHxiGxCTUOe8QJE3jnjfe1Xjt6f81i6uvYJhzfnWnrnzahnZ-xBTFWHj3QOpcgKVMWcNRSXq4l3mDVV7PE65QKFca7yQM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtGcnlRQUFBVnp3NEhaaQ&google_push=AYg5qPJHxiGxCTUOe8QJE3jnjfe1Xjt6f81i6uvYJhzfnWnrnzahnZ-xBTFWHj3QOpcgKVMWcNRSXq4l3mDVV7PE65QKFca7yQM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtGcnlRQUFBVnp3NEhaaQ&google_push=AYg5qPJHxiGxCTUOe8QJE3jnjfe1Xjt6f81i6uvYJhzfnWnrnzahnZ-xBTFWHj3QOpcgKVMWcNRSXq4l3mDVV7PE65QKFca7yQM
Date
Mon, 28 Mar 2022 08:03:21 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 167D
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSa71v...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLSa71v...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjgwODAzMjEwMDA4MzI4MTgxMDY0Nw%3D%3D&google_push=AYg5qPLSa71vaaEBcAZe4GSIQRR-BPw4PyuSI7TMZCYgNoJnFxSVzKdLPZACb1zuO6Z19k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjgwODAzMjEwMDA4MzI4MTgxMDY0Nw%3D%3D&google_push=AYg5qPLSa71vaaEBcAZe4GSIQRR-BPw4PyuSI7TMZCYgNoJnFxSVzKdLPZACb1zuO6Z19kt27NrY2aHDS9oYgpl4db6DPemcask
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjgwODAzMjEwMDA4MzI4MTgxMDY0Nw%3D%3D&google_push=AYg5qPLSa71vaaEBcAZe4GSIQRR-BPw4PyuSI7TMZCYgNoJnFxSVzKdLPZACb1zuO6Z19kt27NrY2aHDS9oYgpl4db6DPemcask
pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 28 Mar 2022 08:03:21 GMT
dds
rtb.openx.net/sync/ Frame 167D 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIPKuK-_c1uJgfdIcI4_Xxs&google_cver=1&google_push=AYg5qPIHO2MWyGxz-6707UbCtdDSH8-4wFhIJLI8539amDcgx7NCrmWmjWK-2onwrU-ZReNf95rpc_cuv8PFPELPrUDgY2Q2079P
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
uc65huq13epfdp09f0e99hks4gogng72
pixel
cm.g.doubleclick.net/ Frame 167D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UJviG80nRFy-Vc69OuVcQw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UJviG80nRFy-Vc69OuVcQw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJMr5xEqhoQ9rOBmxCAumUmLx15ImZ_c2vxVGWWepyBfkLmz_Gveazm30KoyTeSlju_KEZvyjh24MB5NDilhLxGvwZ9Olqq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UJviG80nRFy-Vc69OuVcQw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJMr5xEqhoQ9rOBmxCAumUmLx15ImZ_c2vxVGWWepyBfkLmz_Gveazm30KoyTeSlju_KEZvyjh24MB5NDilhLxGvwZ9Olqq
date
Mon, 28 Mar 2022 08:03:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 167D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK4ytfsFS7c5TWzuv7-wFfc&google_cver=1&google_push=AYg5qPJ2CYp8Kczs7GYSFb3CoUx1XseJDPeKhgvActsjdNVtwniXRRNt0TYPyJi3s-BJpNf_B0U...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyTFAtQS03STY0&google_push=AYg5qPJ2CYp8Kczs7GYSFb3CoUx1XseJDPeKhgvActsjdNVtwniXRRNt0TYPyJi3s-BJpNf_B0UWIDqS8bH3CaOuXkuKilRE2p4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyTFAtQS03STY0&google_push=AYg5qPJ2CYp8Kczs7GYSFb3CoUx1XseJDPeKhgvActsjdNVtwniXRRNt0TYPyJi3s-BJpNf_B0UWIDqS8bH3CaOuXkuKilRE2p4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFBRkIyTFAtQS03STY0&google_push=AYg5qPJ2CYp8Kczs7GYSFb3CoUx1XseJDPeKhgvActsjdNVtwniXRRNt0TYPyJi3s-BJpNf_B0UWIDqS8bH3CaOuXkuKilRE2p4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 167D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYc...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 167D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ikt5oph3eN4kchCGMC3iFZtA6AeaJGPI9a1iBOb3fvMRPWijPxwIT0uWsCxOgaVn-xHzFs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454599106&bpp=3&bdt=139&idt=96&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=1178406326&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31065832&oid=2&pvsid=1745969730896166&pem=554&tmod=1207350428&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8r0pd71nkq7h&fsb=1&dtd=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=263&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A450%3A450%3A0%3A1150&aa=0&ad=101&cn=0&gk=101&gl=0&ik=101&ic=101&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=51&cd=51&ah=51&am=51&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=897287191&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418292&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648454598943&bpp=3&bdt=120&idt=129&shv=r20220323&mjsv=m202203220101&ptt=9&saldr=aa&cookie=ID%3Dee2801189d4b1aa1-22d2560f67cd00bc%3AT%3D1648454598%3ART%3D1648454598%3AS%3DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ&correlator=2526833698839&frm=23&ife=5&pv=1&ga_vid=1681840888.1648454598&ga_sid=1648454599&ga_hid=463196771&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065831%2C31063247&oid=2&pvsid=344576184885944&pem=554&tmod=822020348&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0fe9lg1wxbi&fsb=1&dtd=141
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:20 GMT
visit.js
tps.doubleverify.com/ Frame 2B9B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=285&ttfrms=28&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1648454600948758&jsCallback=dvCallback_1648454600948666&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2439&tgjsver=2439&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D250%26slotname%3D4383251613%26adk%3D555675689%26adf%3D2751418290%26pi%3Dt.ma~as.4383251613%26w%3D300%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkolobok.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648454599106%26bpp%3D3%26bdt%3D139%26idt%3D96%26shv%3Dr20220323%26mjsv%3Dm202203230101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Dee2801189d4b1aa1-22d2560f67cd00bc%253AT%253D1648454598%253ART%253D1648454598%253AS%253DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ%26correlator%3D2526833698839%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1681840888.1648454598%26ga_sid%3D1648454599%26ga_hid%3D1178406326%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D970%26ady%3D356%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1902019436%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760475%252C31065832%26oid%3D2%26pvsid%3D1745969730896166%26pem%3D554%26tmod%3D1207350428%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.8r0pd71nkq7h%26fsb%3D1%26dtd%3D110&fcifrms=31&brh=2&sdf=2&dvp_epl=213&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://kolobok.ua/&c1=1819931&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0jeXgiGL2xfY0RuUUj-jfDk&aucmp=16554449236&aucrtv=413083350&auorder=27319051&ausite=266259341223&auxch=1&pltfrm=1&aufilter1=1819931&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=86594702712.31007&dvp_tukv=49845385.48021332&dvp_uuid=6318424101.358326&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=717349438006
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
1cc5e9c3e74bcb195b2c9ccddcd5e3946df25506c079334af9e88a9840f3493d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:07 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
03/27/2022 08:03:21
visit.js
tps.doubleverify.com/ Frame 9C99 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=306&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1648454600980595&jsCallback=dvCallback_1648454600980388&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2439&tgjsver=2439&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D250%26slotname%3D4383251613%26adk%3D555675689%26adf%3D2751418290%26pi%3Dt.ma~as.4383251613%26w%3D300%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkolobok.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648454599106%26bpp%3D3%26bdt%3D139%26idt%3D96%26shv%3Dr20220323%26mjsv%3Dm202203230101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Dee2801189d4b1aa1-22d2560f67cd00bc%253AT%253D1648454598%253ART%253D1648454598%253AS%253DALNI_MZL3Nwhgbm-GaGkMmsYCN4z_T2PVQ%26correlator%3D2526833698839%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1681840888.1648454598%26ga_sid%3D1648454599%26ga_hid%3D1178406326%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D970%26ady%3D356%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1902019436%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760475%252C31065832%26oid%3D2%26pvsid%3D1745969730896166%26pem%3D554%26tmod%3D1207350428%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.8r0pd71nkq7h%26fsb%3D1%26dtd%3D110&fcifrms=31&brh=2&sdf=2&dvp_epl=213&noc=4&ctx=24745814&cmp=27440817&sid=4007930&plc=331084922&crt=168028120&btreg=523257855&btadsrv=doubleclick&adsrv=1&advid=4405895&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=86594702712.31007&dvp_tukv=20199603347.69913&dvp_uuid=146049366.3837523&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=415285876408
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
587b0967de9749da9f7ff07286d27aac92a5cc040e3fa1c7e4aeb710263b0f20

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:17 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
03/27/2022 08:03:21
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 53F5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 84AE 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6mBBLSRutrL3ADX6Kt9F9WUMogRgo6rP4HNTbxJL_JlM7rZvpXpMdqOt8AXBqL2N2O0vKySNTrQx_dKK7ci20xlfDTtM3C5UzMZKtwKJVd4pkSb6Yc-wS3cJDu36X7qV6_WYNljYjhLzmXrd8lq1q_5HJlAnR8HAgb4hjwHef85FbUHv7tO5N7Cl_7-O_GXf8c0Bl1Oq1jVMW2J62RYAEHwB0Im-fehve-S5Y5AfqmiWOYszexo2Gb_IOYn3dc_WEa7wB5zFRv4SSWa4OH-k6t5rBA9ftuu9gKiAh8HRhA6UAsguEZdMSQo5jsoP3o6LKHq2tHs3Au1Mv8kcCOZ52tMfp8ZuJ5TulKdSXbDfZiRBCMrrFhvER5MaaNBcOqKa0kfF7VMYI7mSLowRvKwNbMn79rvsAMJndOKbZHjzDf1zYP8Xa-xzed8rvoiNWT43wWTdGoFodxHqZ-zkEG8CB4VBZwH5qhILGAH3AywJzbyE0HXJTobbWvEXDVWv5WE67jZQhOKK37ENBz2g0BL5lDuT1KvJgMEDl_3xNwLvfwPCZfSlVeYMv7MmZNj65i452sbuqGjEQn2JsR9tFciGxIzyuCKjooA1C0xiBbqBT76wc9WFzKs5FfiGH32nIPXtIo-jlJZTr4vjvW6oYa_V7ucN3_vu-rrYBszxSmyTTdFtt0tFCmubNPj1wPXW05-ITY4ulTlJ8fDY7upJyMYrzLxizmKF6XlOq-MRqHvxd-lvR-UuokbzRvdQ5Hxy01HdbaJFWqel1P7Vy1fl6rax8IaBkQBbI08fDpbXdn5zK43DZWhBzY11ZX4wWhfmVUhWzV05-gVT6S0ximECPLGcxGeFTTObm1VUhHmHVwp4t-Bk4P0XP-rO1iPWlb96v-jTprBGlaFFlrXXlovRfnkbM0LJNvlbj6MqL34Cdl4WTQxg2nEedxMBoRklgfa4xeygHH27rmW5W60puTaszmnlNBHsbks2eZiyhz1i1As090iK8XX-kGhaB7FvlDL5zVPi3jjuWe66KhbqkalL0YGEYK2YvbLspJZLe4tl4MxNJMdQQDmdVUz2fb4gN5F4YrkXONhY7vPK3oReV3-f27T73b642UDl5wp6rfcu9SLWS2juQuu2Pq_6QJtKX4Z4EwlCT3_wnW_mXh55wdVxvhMefMM-WRIrqys06bFdRpj3tbn7wm3ps1qIl7Xlxl7BL7H1n&sai=AMfl-YQa6Nv5SxvvkRrrBQCj5APWQcXOGoDvEq9k_qgTQCE9xf_BLY0514B-8PQx6R9l4O9JA0FWLp6lOzsyAy1hgsdg1b0xoeCTxkRy5cU-tRGy8Y57YUvQJTdJRVq3Kg2P5A9J__PGqqQ_916bFDTGHLg70MdPCdCB9AWhfntKUO5yTfVzz3WL2gzl8oh9bHLKcSFdZZZ7ozkZDbFf1ALit2jO&sig=Cg0ArKJSzGWdyXeRbMlMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=778&vt=11&dtpt=506&dett=3&cstd=270&cisv=r20220323.97117&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 1962 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdg1VRQ1QrDP2ubV8k0GWSIv0RwYwj-yzwBZWTf5niJqsekR2Ta9-GW23z7JkjCPISwCuNhh2O85NnWvifp9_562obVGQbgPyIVfpOCODryMl-jEP85Q&sai=AMfl-YR4TaUCph1BHv34UGC5cosFjwm1LODEYTqSAP5qjptih6EMAQ9P1LQYHjlKoYq1TeEi23zeW7xeyRdNkunTcxnVLLKD6cK8mxcisdrbiZlje_jDNf7QP5kRtko-&sig=Cg0ArKJSzIZLdCpJI9I2EAE&cid=CAASF-Ro7ol6KSwkEyXOAaQ6UJwYCzh-7oEm&id=ampim&o=310,1000&d=980,200&ss=1600,1200&bs=1600,1200&mcvt=1050&mtos=0,0,1050,1050,1050&tos=0,0,1050,0,0&tfs=314&tls=1364&g=100&h=100&tt=1364&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E65B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9cURcG_b70Ulrj-_LLI8K7L5kPyYQdnUPxxpvZo6eHyG4ohPE4PwItVoh_LSLsy-caUTuamlXcNxeAoAW7pYF81qyXVo0KjqiPsDp96NCfTT06qWRZvA-fOb-uV77aGtq_xPd6L-iiLVyytn7&sai=AMfl-YSTivUyVuv_E5DkR-A77xoduj0Eubsa8nmH-kyaBHw4G8H7wgSmrhDy6ETm3nZQXEih9ysU6pc_-daaYaNRmfevp333MQ6RIyotN--M6eG4vjIjKV0IviRz2lTM&sig=Cg0ArKJSzD9Aapzba5iPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=689&vt=11&dtpt=489&dett=3&cstd=195&cisv=r20220323.40275&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 09B1 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e119795385bc6cba2ca8a1fa8a74a0a0399e055804052b85d1affd536d20c283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5531
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 09B1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 57D0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTe9mE9zF3WTmffQQ3e54S9YxfaQ8bzJgZmmXs_43YQnn8CvdKmxZajJeO5MaT-O1y3noN_QzquiUZaUJmMgub5Q_pZuA_RkwAMePc&sai=AMfl-YQ77YiLv0KtjvKQuer4tM7YZf_WkZSXclAbxzRFGLLaxOEH6hlVE6sZEG3v7kQvjvpMLdrf4o1rCpOMaFdvSkJEqWgLM-fLLnsXb5JDF4pPMiA6npIJw5B5JUSk&sig=Cg0ArKJSzLq8UpGMwjcrEAE&cid=CAASJeRoecDFDfXM9Tt6UGPIewrB1k5ak2TmYcRw0ZV5_ii-ZJN2AWA&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2257904722&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648454599085&rpt=1131&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
s0.2mdn.net/sadbundle/14953942473639587053/styles/ Frame 09B1 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/styles/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ae6aacbaf65c6a05b7214314c4e6d3e603fb21477b688d6b9d027e7f58afc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2842
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:42:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 53F5 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKSi3yGtBYu2LDrie7_UPpK-f-A4AAAAAOAHgBAI&bg=!j4yljMjNAAbzJazn0yU7ACkAdvg8Wu9UvENecr7dBX0Q52z7ovD5u7PENLH0luuG6SfLkqBBjuX27wIAAABwUgAAAAFoAQeZAyWrpTN08sjHa5oweZFJADnGwTaXYg1IMRuHM94rjc7u5wSSYjhgTJyaZQdPUHP_BMA-vOV7gI3_ouvmOY6dNesRRtsviJDYfKN_-S6Stnx-S0qSwp86GW30a3kHZZFjPkNDTTY0muOgDy-HqyOqMse96Qvg_l81h9nMAPOKOVFiUl2sNubBQxxrrMeWKrk6On4uYC70CJxEAUErl4GLSR_oeiKhmbmbGUxg-CkxEVekX667uG78YyY7uoiEWyB5Y1SIBkbqxVrM9MK8FSeJyIns9fOve2rEUxZ2LUO8Fts_3K8UWrA-vygExrIauoaRccMH6zNyQgvvX9aziXEhyVdLRKvVBaUfwVTV1ASVbaCQ1M5HPxG5N2-shaAizXwbArBQL09NdNqiB_D_1g0DIo-KMXDue2J7mtTFeg5H5iv9iNFOk3GO85S4U2fZ8G3HwHqwqR_yar5oJOlxm5FTAMTseSOsjznOirQYpzZtWv_60IWHo5ET7Pu51jWr4hcEt4mwtU7TZSBqHMaeuUEZOGYYsfiDUxlYl-saAHoWoWwZnJ9aVqw1l2dVkFrl2w3hOuanKw-a4jTnLxjptfNL3x7wAgdGeKRb5pI0L5_v_xcBp28CYtOX62YkQdjoG-ywGwJ9fMBoxh8uEUZ2092Mqog9mWO0zciIc-fZiZNI2yDD9vrfyr9DcZqhIZnygL4kB37oCKtEC1zd61Moyo0E6-R0zbLNf1hgm5K_0VWt-sl5yhvqq07-pH3PPqtTAkzOM52dAEXUqR7JWumw2AEXRnvV2kQmhIlSydQpG0rh44all1FsC3Y3f6dME_JNHcc9Y_TRjeDavgzBIgpe3fbL5aYJRSJ4yZkyxJM8SIglVTnzSQwaxmv1sPLyHuGfvKfj50rxvHZwgBfNi_pQYvbjQa8uItfNKO0JX6ghkD1q5mM6tu92yMwMx3mIW8uwRiDe8_PSLOJ5n5Wfe4fm1EtgndwVk4aMfytFI7-6ktJwkodxl9YQ4wK3dG8MUIoawWvQlxBh4-F45Do3s7TrBjJe2YCawuzl6HeQFHk7YnD0CT0qT4Iy6IQK
Requested by
Host: kolobok.ua
URL: https://kolobok.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 09B1 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 08:03:21 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 15A5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BFD2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 07:59:08 GMT
expires
Tue, 28 Mar 2023 07:59:08 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0160 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f36bbd3987ff3ef74d434ec3c29bba1d1285a8012b250a79f47e84a9463c9287
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QfC1R2JLhSxO82eGWs7+VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 28 Mar 2022 08:03:21 GMT
date
Mon, 28 Mar 2022 08:03:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QfC1R2JLhSxO82eGWs7+VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8626 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 07:59:08 GMT
expires
Tue, 28 Mar 2023 07:59:08 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B3F7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8160ede4fd5daecdcceae665e1ed105ed786740fa8feefd5b62882106b420c0b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bjpn8oEyIzE2iO0n0J7kgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 28 Mar 2022 08:03:21 GMT
date
Mon, 28 Mar 2022 08:03:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-bjpn8oEyIzE2iO0n0J7kgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dcoConfig.js
s0.2mdn.net/sadbundle/14953942473639587053/js/ Frame 09B1 		250 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/js/dcoConfig.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c634eb12aa88d5a87ee54d0e1746955218a03f646c5a1e3378d48d289dfe6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:42:20 GMT
loadDynamicContent.js
s0.2mdn.net/sadbundle/14953942473639587053/js/ Frame 09B1 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/js/loadDynamicContent.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36da0cb34afbef0ecdabe3faaffa160f3ce89b5be0ca3caf46f3393f38881ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426060
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1918
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:42:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4152f256fe3d3bf292c2824acce18debe67557fc911d47a37a92daca0e51bae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10585
x-xss-protection
0
page.php
www.facebook.com/v3.2/plugins/ Frame 77D1 		0
0
/
exchange.informer.ua/informer/stat/ Frame 9F2A 		0
0
/
exchange.informer.ua/informer/stat/ Frame 5664 		0
0
/
exchange.informer.ua/informer/stat/ Frame 783D 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=344576184885944&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B3F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=1745969730896166&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame BFD2 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 08:03:21 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 8626 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
main.js
s0.2mdn.net/sadbundle/14953942473639587053/js/ Frame 09B1 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/js/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bde79917f3c2657d200dfe70fa614ef7ede54c9efc95e846da811ed4966943f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426060
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2294
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:42:21 GMT
setDynamicContent.js
s0.2mdn.net/sadbundle/14953942473639587053/js/ Frame 09B1 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/js/setDynamicContent.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23371129a04d8939b326041b3ac9ad8a09dc070733bab323e63ca5bed7453e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426060
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1948
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:42:21 GMT
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=1167&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A450%3A450%3A1976%3A1150&aa=1&ad=1006&cn=101&gn=1&gk=1006&gl=101&ik=1006&ic=1006&ez=1&co=1006&cp=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=930&cd=51&ah=930&am=51&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1426948956&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B2F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 07:59:08 GMT
expires
Tue, 28 Mar 2023 07:59:08 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F836 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
12a98d1e2a7564ec0005db20d5f87d374b0509987a68c9bdbf8b0ccebd5667c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LBzdzh/Y1Kv467iYaQJ70g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 28 Mar 2022 08:03:21 GMT
date
Mon, 28 Mar 2022 08:03:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LBzdzh/Y1Kv467iYaQJ70g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
37207215_20211108081459330_img_reserve_300x250_x2.jpg
s0.2mdn.net/ads/richmedia/studio/37207215/ Frame 09B1 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37207215/37207215_20211108081459330_img_reserve_300x250_x2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7e6b76e9f113da354e1ab756120749e02e2b59842af81856bbef5b11de70b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 16:18:53 GMT
x-content-type-options
nosniff
age
56668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53182
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 16:14:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 16:18:53 GMT
37207215_20200609014224686_noImage.png
s0.2mdn.net/ads/richmedia/studio/37207215/ Frame 09B1 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37207215/37207215_20200609014224686_noImage.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 07:22:59 GMT
x-content-type-options
nosniff
age
2422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:42:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 07:22:59 GMT
37207215_20211027043923486_img_frame_300x250_x2.png
s0.2mdn.net/ads/richmedia/studio/37207215/ Frame 09B1 		438 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37207215/37207215_20211027043923486_img_frame_300x250_x2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
800c010d1acdffed8a8a17810b9de73c51489441172f27dbfffaffde702fada4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:14:11 GMT
x-content-type-options
nosniff
age
78550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
438
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 11:39:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 10:14:11 GMT
37207215_20210409070750326_logo_BA_300x250_x2.png
s0.2mdn.net/ads/richmedia/studio/37207215/ Frame 09B1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37207215/37207215_20210409070750326_logo_BA_300x250_x2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e86f70ccd4c1a5d69ac88329e66b7e9ab3d6335f6427f08e71b64ea192463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:14:11 GMT
x-content-type-options
nosniff
age
78550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1611
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 14:07:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 10:14:11 GMT
37207215_20210409070800099_logo_BA_partners_noATOL_300x250_x2.png
s0.2mdn.net/ads/richmedia/studio/37207215/ Frame 09B1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37207215/37207215_20210409070800099_logo_BA_partners_noATOL_300x250_x2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20d673e8501af3b070b8e903b3010a8686fc89fb1676c3d2d343f738c74da922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:14:11 GMT
x-content-type-options
nosniff
age
78550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1389
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 14:08:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 10:14:11 GMT
37207215_20210219035528845_btnReplay_x2.png
s0.2mdn.net/ads/richmedia/studio/37207215/ Frame 09B1 		320 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37207215/37207215_20210219035528845_btnReplay_x2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ed1124d089360cbc228dbecd18b62255405f9885f39f5694e971f0aeb373a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/index.html?e=69&leftOffset=0&topOffset=0&c=UFDCRyUFQg&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 09:45:05 GMT
x-content-type-options
nosniff
age
80296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 11:55:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 09:45:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E65B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZwsu8Qr3mtvMSplqJSc64Oi5Rh1X-x4L_guIQgG-TKFhDh28gur2h43AkyH5dMDIRMvV7F65cZWW61WepAgz4RgNRJR1phpjEZbs89oe_vHYOw1KP5g&sai=AMfl-YQf4PoCNWixwHPL26mgVDHrTkJAqNziHHIrVgNKh0H5TCzTGi-49yzin_Tcc4xsFB1hLFVe7c2ZhbLDFrMENgaj4MUy6_YZeAsHEFXZiGcjpl2HuvcO94KMaD9i&sig=Cg0ArKJSzMGStoX-YJ2sEAE&cid=CAASJeRoRqhwUOWhuWwV23AvExdQKfi3g0gZNOEPA5ALOBggoc_sCU4&id=lidar2&mcvt=1012&p=0,0,250,300&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=555675689&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648454599218&rpt=1442&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame BFD2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XQ2YHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=1167&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A450%3A450%3A1976%3A1150&aa=1&ad=1006&cn=1006&gn=1&gk=1006&gl=1006&ik=1006&ic=1006&ez=1&co=1006&cp=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=930&cd=930&ah=930&am=930&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1354185047&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:21 GMT
generate_204
tpc.googlesyndication.com/ Frame 8626 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?btcniQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
myliusmodern-bold.woff
s0.2mdn.net/sadbundle/14953942473639587053/fonts/ Frame 09B1 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14953942473639587053/fonts/myliusmodern-bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14953942473639587053/styles/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4c7525c01c489de9abf572955a21bf934f3a1ae5709c7225192fd88b83dfea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14953942473639587053/styles/styles.css
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 09:41:26 GMT
x-content-type-options
nosniff
age
426115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24700
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 12:25:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 09:41:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F836 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=1121662594564131&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=1168&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A450%3A450%3A1976%3A1150&aa=1&ad=1006&cn=1006&gn=1&gk=1006&gl=1006&ik=1006&ic=1006&ez=1&co=1006&cp=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=930&cd=930&ah=930&am=930&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=381018710&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:21 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:21 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 7B2F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
57855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 7B2F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sqDZsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame E65B 		0
282 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=15726c462f5b48e5b6d8c53025ac968e&nav_pltfrm=Linux%20x86_64&cbust=1648454602204905
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:22 GMT
Vary
Origin
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/27/2022 08:03:22
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E49 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=344576184885944&bg=!OzilOHzNAAbzJazn0yU7ACkAdvg8Wt2L-V2JdyUEcpJFYXarJRQxn1Gbl-W8zdF-4VIgtO2unAdbGAIAAAC-UgAAAANoAQeZAwSQ6nbi0FuIgtWfEEWtV9rcDHV_kRtw6rIyHJPTRQ8P3zqeJQLaD05FG4xPxZH55d7HO_W1zzHIoXW86-f9LT4JHae4EruQsuyCl9knFgPsdHfvNITJOLzJHRcft-SzYg75blYsS-GZIpc3ovAggzD9zEYWVgnxsw0_z-mzveTU6QaYfpFC9-ekTqXAsE20bGv7QP8N4mH96Th6Fk9YHs54799CDOidcEGV4CGqSIkTLRTAi0bnnXisEq9y435NkomoIGWWkW4r46YqPnK7xbKxL_vfNiouJeoPi0-2YNIQiBYKWYPmpGKDx0UiXTHGUDZCrRXn8UcH0pijzkgdRGufWnElNlX7SE-mMFwtqNHm2K6_E9F09mVYLQ-iVMzwhzWzQsBKeaCej2YDnZvGHNMW7KBcWMKDEUfDRK3xJtVABE41OuqZhG9tiuhLX3O5jJBnWKAclw0BlxpZA_fkgtL_JL6jkLCiOJRgVudV-i78N3fUTrbMjeMrLy-gmE8KuvoLSC3wkiMfHvLgtKaT9OY3K0SrRiRp--wXF9ucvy5oayXUZFY8kPKbq2Km2hks6tJuQ1Y3BEXKK0bFC9gswVvz1HTtxpifcTkA2h7pMnZtZ9l5K1F0jH77Nvl646EvbyGpAciDl3827U_NArUoTgdJ8d1TnlfrocgYc1R4VrAUF4wFUp-zZpvzfteOwTgT5XusYQ-HGD1R6soqe8pXdwcgEF9Uhy2rxor4PeN01xSTKWuLYIrm7EjK06olxC1qsbqTszp-gK71UqdGUU7mrFq8lx5-vrSESuEAUyLgXl_c7-yr75FMx8aBxxhHO6THjuAWGzqixbeQqQEC_X33xacUiWvCesqtv_akOJ_E5a73sYkcfMZU-r8Fk6DVBKJMarSBIhik_r7k-fOSx9akRD_vsmr3ubfdXLdAJn6Xb760ejL3IHXY0qPrzkLu53f6czfbLAkefbPOvkzUzn5jIZ6ROm_sEBYVNTtUUUteqMc9QcvAOZfJQdmK3J17DrZFL4AtBkVq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4050 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=1745969730896166&bg=!JiWlJWHNAAbzJazn0yU7ACkAdvg8Wvn7hjbaRcW_UPO6i5wlODmwuDM7naTmuQSkMRq1QeSBgBkg0QIAAAFgUgAAAAJoAQcKAA7Q8YWt410cCxSJmERJFpkC2sApRFzfpxFnqqgfbrXVWWbXKNShWwh73cS-yqYPVjvcWfGMTvR3TPBucvNV5W77QvOLY3MqndvAuVQJM8yI6CfLwyHeDOq5Lupt5DyX6-8tTm86pCwhjo6SWPBJYxpHgv9_AjW6QP-wMqUVpZ4zupn6ptzu21c8sL3ksW-x_VnYt3XuKkfGrLIhTYKNGqExyVTYNrn5Wqk0KCDBaAm7BiZ8468H8ye1GQnblfu6QOIvQ13vrUwrlsUo_C0lEKqZisYfecrAfI9CMTuCKRz4XM507NF2WcxSNhKkW3FAg6TJK4N8vkXqvK8YHvN-knG7Kt8mrBpZC80CmQ6Qea4nmc-P8_vC1RjSejUB5b4c2CoY4IsXrKnzMg8d-4HxVHdjAuD9F1s3-GcavygtLDykHd9lnlI5ePPWthgx3It0FNsFjgFU578hVdqW1awBWazSz_7Ex5b3hz7shnJOUl2t0jm9Ui4B3-Js-ZHWx9w9hm6RP-Gg2WTAO7whXskkLGe2vM0A3aq4XVP58fxbtXInT64D-4j50FhLaVjvL2sKH8svQ8HYmcG_eL-KMT8zitxSllYGDPH75svNEdIWuOZ9A6vFIJOO2VejBIC_WEyuqVaKL4O5WmZrpZUIDX2G3jIPmwpAksnBkEcpIgomM9rqEh-E5JHNnUx1RC0AV81ZLn5GjskLbMtBUOq1KgCYKwdM0PiZqp6umaMamMSdveEeW3HSnHlIvOizF_9O0JdF-Brxcd26XjXAJgsczWMXTCHv5tn2BiuhV002nEYx-aU6nSj6i4RItdno9fk9psM9y71KBuz_9GAfnsb4745dGCC_k9-t8AFj14EDMwRViiYGdwmrcqLN-TdUA4JGLkE5OJYsQ3Ntj7bEAIIdl0rL7GDslr5j_uDue4iE-tWpBIpPfvh3MVE9JVcY7n3RS11PTQ7dnM0LD0Tq8ewJJ5td7Vhd4_HBPBX-_BDp5Gw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=1121662594564131&bg=!kZKlktbNAAbzJazn0yU7ACkAdvg8WjBHJuGrWhZLXAWuAcKEOCVyMgiqnfrNFCBo9nccdeyNJV-EjAIAAAEOUgAAAANoAQcKAAEOmQLM49GRMjUYiP2p8b91E-CMMdyLy6CBekO5Op6x1RrN0m14r150ta3CNkrSLF4FZVf9XuwRp9HpquAAOkJswndH79MRIZwP2_M5Yb-P_dGdDlYcXm5fWafcV-Kbyhjfvlm1JN5QwCoSKv2YW9otAipA-a473HDhaY6_p5D2JFvbDkpyMvtsnPdMK0hcMFcGVO95uBBylEUlg3blTdSi3NFkLuj4587Qh29zo62QOqoVG_PBJYKEp-5b1Fy1mid66yFp2-uI1wKG3JnCKUa6rSlyxxy8zmjug-6-_UBj-ZzW2omzu10ggh9Z0mcJWB9bIhocJj_MpsWKncay3eSg3GbMjD1pG0Cq6q7_OEswvBZZy6bkMXwB1zaNOqMEtyONE_bDe_quN3koWivke9yFio72nANfCgHBQLQG88FbeU0NRQNDznnGfBpX-Uo0rCD9xREDHSRU4ZdLBAb8EFs4Kof7dloJDXuHCHM3HaNvYi-lS3H4sZvyAEi3Cx2vBGaz2-FNx7L8EOZhc3xGt3FvVF8-R5BJTH3hhEpfeBPgh_9fNaQwTJHA-TXPbPbDnQnXAryFMPklqejnGedDuKQ-2v9aVvMJNSXN7eBFHmF_zBh5q_SnnF9fGvuopce2v-n_ycoKt2Ju8o0AGib5D4D9olxiJFLtYQKx3HhR5JWsEueGMb3HiY5ntgNFbna2bel0ulA5eSGdNM8WAdKKthxOqLet9klyQGIJPUA-o8_2ixLj3vvx7LtxTapvhfbH8hv0UO22WB49Cc6TIO9QqDHTvDgngpGkCUhLvk8psQ6IFfEkXTDea1GpiZo9TNGFE6Pz0UuZ0jaA0QAHH1gbr3tQgSSdR-x0ZSmpV-tPgNOHSylA3j5WCa_Pr1RHq87lCP0PGvQLPkvnx3CEv304QOt9ZzgKFwlNvnryBUBFWnMbOX6cVo-eOtUsMoUXuP8Je44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kolobok.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-frc.doubleverify.com/ Frame 9C99 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=5a6e947f86854872bc369d7886fbc200&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&dvp_t1stMsgD=131&vdur=248&eoid=8&msrjs=2439&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=11&msltms=127&vltms=248&sei=289&vetms=15&engms=1&engisel=1&ttfurm=2268&cbust=1648454603243413
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:23 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
03/27/2022 08:03:23
event.png
tpsc-frc.doubleverify.com/ Frame 2B9B 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=5ece2b15ffef4ee79f6e067f59e7bb5b&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&dvp_t1stMsgB=136&vdur=279&eoid=8&msrjs=2439&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=8&msltms=116&vltms=279&sei=289&vetms=19&engms=1&engisel=1&ttfurm=2327&cbust=1648454603250244
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Mon, 28 Mar 2022 08:02:26 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
03/27/2022 08:03:23
event.png
tpsc-frc.doubleverify.com/ Frame 9C99 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=5a6e947f86854872bc369d7886fbc200&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=10&ismms=10&isumms=9&isvelg=1&nvr=6&isgmmims=10&isgmv4mims=10&elmtp=1&isbxdms=2309&b0=100&b11=2489&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2589&sftb=2589&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=985&isuiabvms=985&isgmpims=140&isgmv4dpims=985&ispmxpms=985&engalms=9&dvp_dpr=1&cbust=1648454604242255
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
03/27/2022 08:03:24
event.png
tpsc-frc.doubleverify.com/ Frame 2B9B 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=5ece2b15ffef4ee79f6e067f59e7bb5b&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=10&ismms=37&isumms=36&isvelg=1&nvr=6&isgmmims=37&isgmv4mims=37&elmtp=1&isbxdms=2338&b0=100&b11=2481&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2581&sftb=2581&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1008&isuiabvms=1008&isgmpims=184&isgmv4dpims=1008&ispmxpms=1008&engalms=35&dvp_dpr=1&cbust=1648454604250436
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:20 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
03/27/2022 08:03:24
49cf3d4beb6a4e1087ccf4630ee1cf9d_cta_m_o.png
static.criteo.net/design/dt/7273/150707/ Frame BFE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/7273/150707/49cf3d4beb6a4e1087ccf4630ee1cf9d_cta_m_o.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9362e78275050a5f3a0b98e969a1083a8ed4318f8d063938ff4478e58177d310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:24 GMT
last-modified
Tue, 07 Jul 2015 09:28:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"559b9bac-8c6"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2246
expires
Thu, 23 Mar 2023 08:03:24 GMT
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=5313&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A450%3A450%3A1976%3A1150&aa=1&ad=5152&cn=1006&gn=1&gk=5152&gl=1006&ik=5152&ic=5152&ez=1&co=1006&cp=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5093&cd=930&ah=5093&am=930&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=116288525&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 91AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIbpSBEXtn1EUSZDHVQCQY33POVGspAnuQN7dRa29-jwpRogRWkd-964i2Echu3G9SfdDgrasvBVLgRKfGc2q9Sw&sig=Cg0ArKJSzBtO6ECp2wInEAE&cid=CAASF-Ro9tWq45bDIgAgVvMpXpqVoWSEAb0M&id=lidar2&mcvt=1000&p=1210,335,1390,1265&mtos=782,933,1000,1032,1117&tos=782,151,67,32,85&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=808509247&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648454599720&rpt=376&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame BFE1 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rAmEDBpumL3e34KYBjMqBpK1yROJUanr3ENTZHqwZBGvcXhFz1q9Re34UWy5qVywJNbaMBjFcGHB2osL5BJMwImLJTJyz-FSqqj2wEALVBhYK4mm5nJGUOohqVVRhxNGqMOrOV0910hfL-hVDnoStWugYONpUxPSFGbdbvtnSlBKI2gSjtCwzQLP9h_rzJt4nyU96bhjG53tIwndmUZAkwlTo6FLRitNgGwvJZ75IAPOQrpmmWxWYIRmu3EG_6wZEICChw&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkFrxwAGnYwKiwy0AAaH6CN-75218XgB855kQQ&u=%7CMgrE6eMld6kB97C6YDHO20UjQ63zdniOlA06M%2F%2FT4i0%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAGJ07wPhWOoW7rF2yKHGUj_jkRuzN7EdEAMEhxiTB-CBsyyVHmOsyN3ocsgrCDXLF6Hoiongcf0NVow_7vWI4nOh1Szpeb6LRQIiqgUDW5tErA-jKdCSeOh6zmvAbtEAJR84UB_38BBpj01SvZg8E44cnv685HZFyKnyJW69_kAnNjD6kPhIxQvbSWNnm_Yqws_2O_K2zd_Oyi1nUGdV2O0DzLyGF9iU_QJ9d4P4KAt5IkL-6MrbmVrDTe87I79agATxvd6dNcK8I7rF_L1Y3AskWU6rSXYk-lRv6y2D9mseJ-8rfWSOgqoeyFsjsfUZyzwAjzCgfYrCl3jQ7ktM4epGwNG7AfHnVWwZCBNDUz3V6P-WKqdX4Xn824FtVil0LohIbBMGDrb8tbewUenSFR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFrCox2tBYoy7GrSZrAToj5rYAeSP0rFcp5LhiIgBwI23ARABIABgu76ug9AKggEXY2EtcHViLTEyOTA5OTU5MDE5MDU1ODigAb3UiOsDyAEJqQJaFK09VB22PuACAKgDAaoEhAJP0AYl3LBqj9hK9c87_MHBWkAuokXw6zz3gmYLyx4JPqvgetm5k2ZXOppvlLZtNUprF4XCFKKK6Rr9E0eM6qCP12hqAJNFFInWZZlVeuIZQ9ggDRJRLAPFhdNg71FvogN-q9mZjEaMFZtqR9fzucFImGW7UWNuelPQU41pijheUKtRql002Ur6F7KYlHXz_9j2JLJdPcGHzSWaIldqnACwBrYtIM29Hupu-WAsXgMeZKD-hUWPICFPF8rZC3frmWDTyReOQpC5ab0pN68t6r-a8uhjEX7drkrYCfW16aNRm9R3m7X7Cn3pfETPyhsfr709LyoZ4YW-zMkWZomFchGvIAuSJ-AEAYAG_NyX3f6mhp2xAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0QLD5U6ZZwDDqzts1ew3pftboeNw%26client%3Dca-pub-1290995901905588%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 08:03:25 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
pixel.gif
px.moatads.com/ Frame 57D0 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648454600446&de=833689529047&cu=1648454600446&m=5521&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A450%3A450%3A1976%3A1150&aa=1&ad=5361&cn=5152&gn=1&gk=5361&gl=5152&ik=5361&ic=5361&ez=1&co=1006&cp=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5303&cd=5093&ah=5303&am=5093&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=18966%3A170420%3A6331246%3A3451559&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=462715952&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 08:03:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 28 Mar 2022 08:03:25 GMT
event.png
tpsc-frc.doubleverify.com/ Frame 9C99 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=5a6e947f86854872bc369d7886fbc200&gdpr=&gdpr_consent=&dvp_masver=2439&eoid=11&cbust=1648454606346963
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:12 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
03/27/2022 08:03:26
3ccc924d10a34d4c9e6c446251bfcd64_cta_m.png
static.criteo.net/design/dt/7273/150707/ Frame BFE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/7273/150707/3ccc924d10a34d4c9e6c446251bfcd64_cta_m.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2defc23fcfd1db173c1afa8ad16bc156469e6d116a566e5202b521eacd1e6264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:26 GMT
last-modified
Tue, 07 Jul 2015 09:28:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"559b9bab-8e8"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2280
expires
Thu, 23 Mar 2023 08:03:26 GMT
49cf3d4beb6a4e1087ccf4630ee1cf9d_cta_m_o.png
static.criteo.net/design/dt/7273/150707/ Frame BFE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/7273/150707/49cf3d4beb6a4e1087ccf4630ee1cf9d_cta_m_o.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9362e78275050a5f3a0b98e969a1083a8ed4318f8d063938ff4478e58177d310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:03:26 GMT
last-modified
Tue, 07 Jul 2015 09:28:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"559b9bac-8c6"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2246
expires
Thu, 23 Mar 2023 08:03:26 GMT
event.png
tpsc-frc.doubleverify.com/ Frame 2B9B 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=5ece2b15ffef4ee79f6e067f59e7bb5b&gdpr=&gdpr_consent=&dvp_masver=2439&eoid=11&cbust=1648454606447849
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2439.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Mon, 28 Mar 2022 08:03:26 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
03/27/2022 08:03:26

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
exchange.informer.ua
URL
https://exchange.informer.ua/informer/stat/?s=ivona
Domain
exchange.informer.ua
URL
https://exchange.informer.ua/informer/stat/?s=smak
Domain
exchange.informer.ua
URL
https://exchange.informer.ua/informer/stat/?s=ivona
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms
Domain
www.facebook.com
URL
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1def20ee03ab4c%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff25ad6fd66c4d98%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300
Domain
exchange.informer.ua
URL
https://exchange.informer.ua/informer/stat/?s=ivona
Domain
exchange.informer.ua
URL
https://exchange.informer.ua/informer/stat/?s=smak
Domain
exchange.informer.ua
URL
https://exchange.informer.ua/informer/stat/?s=ivona

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 function| structuredClone object| oncontextlost object| oncontextrestored string| GoogleAnalyticsObject function| ga number| H_DEV object| holderPlaces function| holder function| setArticleCounter object| adsbygoogle object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl function| BM_Draw number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| hb_dmx_res object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b object| FB object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt boolean| admixerLisBrndMsgSet function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| BM_STAT function| $ function| jQuery object| bootstrap function| Swiper function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| hcSticky function| Waypoint function| Blazy function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| mySwiper object| elements number| j undefined| feed function| instafeed_owl string| waypointContextKey function| Instafeed function| phnx_frontend_get_var function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to object| name129now object| addthis_share object| addthis_config boolean| __@@##MUH object| _atw string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| html2canvas function| _open object| regeneratorRuntime object| mwayss object| cat function| setImmediate function| clearImmediate function| Achernar function| pbjsChunk object| pbjs object| _pbjsGlobals object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms

105 Cookies

Domain/Path Name / Value
kolobok.ua/ Name: _csrf
Value: a124d8e5ddbfe8b3d726fffce5af13982c77cc43f2ec8cc352da9144af286363a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Oz_snOQj6aP5NUC9wey-9u0kk_boldM0%22%3B%7D
kolobok.ua/ Name: b
Value: b
kolobok.ua/ Name:
Value: store.test
.kolobok.ua/ Name: _ga
Value: GA1.2.1681840888.1648454598
.kolobok.ua/ Name: _gid
Value: GA1.2.1797279371.1648454598
.kolobok.ua/ Name: _gat
Value: 1
.cdn.umh.ua/ Name: AU
Value: b7f2d7f465641373
.kolobok.ua/ Name: __gfp_64b
Value: 1TkVTw59dZ5iIBub5ZELEfMCC2EcX_kYBnWOsQt654T.r7|1648454597
.hit.gemius.pl/ Name: Gtest
Value: KlxTRRGGQMQGE6QsStjZHosissGMXP8c25nSGD_p1CL8XBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlQCMMaGQMQGE6QsStjZHosissGMXP8c25nSGD_p1CL8FRxSG7RrGS6GNgGBFlMMYH7hRjBGqSRxSG8.
kolobok.ua/ Name: __atuvc
Value: 1%7C13
kolobok.ua/ Name: __atuvs
Value: 62416bc6d7779235000
.addthis.com/ Name: uvc
Value: 1%7C13
.admixer.net/ Name: am-uid
Value: d73f0b5fc56645aeb99c0bc4c5c9f324
kolobok.ua/ Name: am-uid
Value: d73f0b5fc56645aeb99c0bc4c5c9f324
.facebook.com/ Name: sb
Value: xmtBYqve_loAuJUAj3NC3UWj
.facebook.com/ Name: fr
Value: 0OEJJ8np88XMBuCJw..BiQWvG.qS.AAA.0.0.BiQWvG.AWW4VnVQjXk
ad.mox.tv/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
ad.mox.tv/ Name: _mwayss_zone_imp[4191][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[4191][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_imp[15425][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15425][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_camp_imp[4843][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4843][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_imp[15361][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15361][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_camp_imp[3878][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3878][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_imp[15418][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15418][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_camp_imp[4421][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4421][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_imp[15406][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15406][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_camp_imp[3964][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3964][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_imp[15453][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15453][frequencyPeriodEnd]
Value: 1648540998
ad.mox.tv/ Name: _mwayss_camp_imp[1949][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1949][frequencyPeriodEnd]
Value: 1648540998
.addthis.com/ Name: loc
Value: MDAwMDBFVUdCMDAyMzU5MTc1ODAzNDAwMDBDSA==
kolobok.ua/ Name: cbtYmTName
Value: C3ApYm8pMSloOD4+OzI4bjg6P2o8OTg6KXZO
.quantserve.com/ Name: mc
Value: 62416bc6-e8b8c-81ae1-c363e
.bidswitch.net/ Name: tuuid
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
.bidswitch.net/ Name: c
Value: 1648454598
.bidswitch.net/ Name: tuuid_lu
Value: 1648454599
loadercdn.net/ Name: vui
Value: 507ebf1e04b143e8ab82ffbe7724619f
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: b8283fc8-2a95-5357-becb-b653dc8add94
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YkFrxwAHDLCZquK-08aUriTdN5vS9jWeMrrljg==
.adnxs.com/ Name: uuid2
Value: 6413474910366380265
ad.mox.tv/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
.casalemedia.com/ Name: CMPS
Value: 689
.kolobok.ua/ Name: __gads
Value: ID=ee2801189d4b1aa1:T=1648454598:S=ALNI_MZK_NNkdetyvSmqJycE566FqHVuCg
ad.mediawayss.com/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
ad.mediawayss.com/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
.casalemedia.com/ Name: CMID
Value: YkFrxxCBWadtG-rjpQt6mQAA
.casalemedia.com/ Name: CMPRO
Value: 658
ad.outstream.today/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
ad.outstream.today/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
.doubleclick.net/ Name: IDE
Value: AHWqTUm1lkSG9qtVeaw5XOV6YRGW0EXadP4i84GbyyhSza64gMYfGFGkzlZSYzouA4c
ad.adopx.net/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
ad.adopx.net/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
.ctnsnet.com/ Name: cid_0694efc6539149cdb202e6ad299125e2
Value: 1
.3lift.com/ Name: tluid
Value: 342577667037494226154
.yahoo.com/ Name: A3
Value: d=AQABBMhrQWICEEEInFDp2obmhDR9yh_f4C4FEgEBAQG9QmJLYgAAAAAA_eMAAA&S=AQAAAl_W3MWtSWGu20r1hphuVmE
.casalemedia.com/ Name: CMST
Value: YkFrx2JBa8gA
.quantserve.com/ Name: d
Value: EF8BCQHiJYEA
ad.invamia.com/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
ad.invamia.com/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb>c6c3M!2(5r(<j<dINiYhTyXnfi8FW//v5ZOmYt[jh1tyf4^c/9hVgyB7F4:[u!zbR(j#iP(Md+>)fy-3_pVzn
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2408
.agkn.com/ Name: ab
Value: 0001%3AOUuXpMllKtb8pUh2MIy6mQP5tV%2BB9GUr
.agkn.com/ Name: u
Value: C|0CEAp1ChIKdQoSAAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/ Name: CMRUM3
Value: 2d62416bc82760CAESEGmpSfejzz0h0kQcgekDZQk
ad.vidverto.io/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
ad.vidverto.io/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
.sportradarserving.com/ Name: zuuid
Value: 3468d64f-61d5-4ddf-8516-2962975f7231
.sportradarserving.com/ Name: c
Value: 1648454600
.sportradarserving.com/ Name: zuuid_lu
Value: 1648454600
.turn.com/ Name: uid
Value: 2944347680886542468
.adsby.bidtheatre.com/ Name: __kuid
Value: 1a086f09-a903-461d-ba78-00beeb54b590.417668600
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1648454600
.360yield.com/ Name: tuuid
Value: fb894988-f03b-41b1-8f16-5e2b0c30feec
.360yield.com/ Name: tuuid_lu
Value: 1648454600
ad.vidver.to/ Name: bdswtch_sync
Value: ace9fc3c-5763-4de0-b130-8e7e3d124d65
ad.vidver.to/ Name: moxuuid
Value: 07328346-3026-4edd-bf7c-cfb7239b8acd
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.lijit.com/ Name: ljt_reader
Value: 2c61ec2a540db538d08fe646
.de17a.com/ Name: guid2
Value: 1.2191085414103223021
.tribalfusion.com/ Name: ANON_ID
Value: aunseFwl6h6bQQwbQQaCkXDmFIqe2tDYdxWDqk9F8UtgrO4S6F09Zd1T9f2E0ZcTJCbq44eu0fky5uMNtTtLVB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 509BE21B-CD27-445C-BE55-CEBD3AE55C43
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022032808032100083281810647
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62416bc91920e97b
.addthis.com/ Name: ouid
Value: 62416bc90001f5c69c3136621af10d3732707af3cc710ef75786
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220328
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3fe4cc2d-256d-49e8-82d7-0f7c1f5e36b4-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3fe4cc2d-256d-49e8-82d7-0f7c1f5e36b4-003%22%7D

11 Console Messages

Source Level URL
Text
javascript warning URL: https://kolobok.ua/(Line 1733)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n723133&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://kolobok.ua/(Line 1733)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n723133&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r6460942&dholder1584315929&hhttps%3A//kolobok.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r6460942&dholder1466079092&hhttps%3A//kolobok.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://z.moatads.com/allresponsemediaglobalftdisplay739160694092/moatad.js(Line 133)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_push=AYg5qPLpGicl2FwHdboP0-0rjXGvzjBt11JaHTtCXkCMzroU69QoG4j0knxFczy1k-zTi5YLDmCt_NK_Q4AO4JUa9zBbk7RFRI4&google_gid=CAESECqEYG1MJdzDczx0PQwpors&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-4lJiPA7QbGPFl4rDDD-7A&google_push=AYg5qPKZaMVKyF4Q65AxuEHwUpU6Ls0swwDEKJMD1g_s_20QVTv0seW-3VFAETHbQAz16wRPe0Q-FvITO1u60GKz1XEn5fjh20yi
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkFrxxCBWadtG_rjpQt6mQAAApIAAAAB&google_gid=CAESEP9JcWxM4rxT9Hj9B1oaTZM&google_cver=1&google_push=AYg5qPJ-fZxXgMY1TPokAfaemwnL_5Nt3SlYcoH0CT_DikLxQgoNp8jA_HCJi4KS4rZ59ru4dnYy29Ku4bbGxim8lYHoFgLu-ms
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06f598cdb65bc8df4f0ed7980ec7699d.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
ad.adopx.net
ad.doubleclick.net
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.turn.com
ad.vidver.to
ad.vidverto.io
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
api.phnx.click
bgstats.mox.tv
bid.g.doubleclick.net
c.bigmir.net
cat.nl.eu.criteo.com
cdn.admixer.net
cdn.ampproject.org
cdn.doubleverify.com
cdn.flashtalking.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.emxdgt.com
csm.eu.criteo.net
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.bigmir.net
i.holder.com.ua
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
m.addthis.com
match.adsby.bidtheatre.com
maxcdn.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pix.eu.criteo.net
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
px.moatads.com
r.turn.com
rtb.fr.eu.criteo.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.tribalfusion.com
s.znctrack.net
s0.2mdn.net
s7.addthis.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
ssbsync.smartadserver.com
stackpath.bootstrapcdn.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
syndication.twitter.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
unpkg.com
upload.wikimedia.org
ups.analytics.yahoo.com
v1.addthisedge.com
ww251.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
z.moatads.com
cm.g.doubleclick.net
exchange.informer.ua
s7.addthis.com
www.facebook.com
104.111.215.191
104.244.42.200
104.36.113.23
142.250.181.226
142.250.184.194
142.250.185.230
146.0.227.109
146.59.10.80
146.59.30.104
167.71.9.19
172.217.23.98
178.250.0.139
178.250.2.148
178.250.2.150
178.62.202.251
18.156.0.31
18.193.160.53
18.195.155.181
185.180.223.221
185.184.8.65
185.187.81.40
185.187.81.41
185.33.221.50
185.86.137.114
185.86.137.121
185.86.138.122
190.2.151.10
190.2.153.150
193.239.68.97
193.239.71.100
193.29.200.142
193.29.200.162
2.18.234.21
2.21.140.103
2.21.143.57
2001:678:cb4:bbbb::11
209.197.3.19
212.8.250.228
212.8.250.83
213.155.156.182
213.19.147.151
213.19.147.45
213.254.244.108
216.52.2.30
23.35.236.122
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:7caf
2606:4700::6812:bcf
2606:4700::6812:d05
2620:0:862:ed1a::2:b
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:800::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a02:26f0:7100:494::4469
2a02:fa8:8806:13::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3601:b73:5e1d:a8b6:5551
3.64.119.154
34.149.12.213
34.98.67.61
35.186.193.173
35.186.253.211
52.215.248.120
52.29.167.104
66.102.1.155
69.173.144.138
76.223.111.18
78.159.118.240
91.198.36.26
91.198.36.35
96.46.186.58
02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162
03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a
0428be2ba8242bff520a3de34d841d7f2f5b7eb966aded1f956c4e49c4d6ad4c
048b2b6654bbae5d81f76ae1b0be4c5972d9e464171f08716348fe1597784c50
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05b66c4b0f4a790e3621acf7239a6822789a60016fe71e9686e350439d2d2642
062e86f70ccd4c1a5d69ac88329e66b7e9ab3d6335f6427f08e71b64ea192463
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
08c9ee32cfe0d9e2cb13294a49f594165c7dc2505f231eaf484d11790bd27d14
091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0adea1db9d386f9bbd55734d4b04c52404242ea73546940f73f535655230b44f
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c2462fbb0f5e12ca3bdfd4775964c2be00f1cc0dafd58eaaaee0904ded013ce
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a98d1e2a7564ec0005db20d5f87d374b0509987a68c9bdbf8b0ccebd5667c1
144001f9e39b93e88e696a71a63391bf54dd787a4451346ca8f10b6c886a4aa2
14e3682452826a69718b0db8dd9ab40bdd34792151733fc2339a62f44d3254f6
153c86e787c97ab23ade5ed156587707054350cae4c3166b6c8ca5569f5bde15
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
1670128ce2ea97c9b27bfea3d4ff4b32860b52c511e86ee9b6da12fef008178a
18ae6aacbaf65c6a05b7214314c4e6d3e603fb21477b688d6b9d027e7f58afc2
1975f998fffb17c4f5c197c4e0800eb640ee80655ad849d8861b036e6fd89680
19b505b8e9ac9e2c5935f9f8bb283d9a7a7b1ad72c9e419c07980a1c2b17cda4
1cc5e9c3e74bcb195b2c9ccddcd5e3946df25506c079334af9e88a9840f3493d
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956
1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293
20014b132c13ee1c5ec07db0d85b7670a4a2f90e6051739d301b56ea66b311c0
20d673e8501af3b070b8e903b3010a8686fc89fb1676c3d2d343f738c74da922
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
221dbb88d96e8e5e281fb4aa14e51ca9e9f52a6805784ff5c88b985f5e0030a8
22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3
23371129a04d8939b326041b3ac9ad8a09dc070733bab323e63ca5bed7453e26
23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b
254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c
2759e3c54fce6f5bae550ec99586149fcdfca72d0e8824a24eb54a662325df59
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a307f896bb746a7c71fa7185da82d66193910ce94c3926bc0e24412173ff510
2b61ed885762bdc1e52c32b7bf1cc3a96a4934bb313c76ea03d6eddf250125fa
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c
2cc201ae0daac46220dabff1297ef04b00c437c828ef7fb595db2b38d7d2d09a
2defc23fcfd1db173c1afa8ad16bc156469e6d116a566e5202b521eacd1e6264
2e7f6e46092bb0bf587e8b31b5222377a03d18dc6c59fa746dbdc3bfacde8af7
2e89dc115b7e7ae90b4ca583d32a2808b11053bed84e28a3b37b0967abd913a0
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f141a01a66c625b2b64a679736aff84221ed69cff589171da765b8b9d5ee0cd
2f2668f538fd2169ea4cd0341da6b502f9bb741adc42cdbeb546b41b1fafda60
301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
3367fbe59fd7312d67e33be553be2ed59c0bc76b569db295706f5bd6306b5736
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f
3581f0e834228709370f78e7c7fd1dab7dc9406ae60f0c733434d336c1192716
35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1
36327423840ceb627323c58b9fd461dc26f527e6189432f68593a3289f4f8f3d
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
364b47c97c84b34dd2526f739c2e41d23b3ef77d10315a21e2860ec6cd8d03bd
36da0cb34afbef0ecdabe3faaffa160f3ce89b5be0ca3caf46f3393f38881ed4
37255444d2c1095992d34bd7f61f5deda10715dc01a0fa96a874ef097c17c54e
3831a0eab7d36582d8c6f9cc9a601a5d19bd36181f120fd0dcc14cf5a19db95c
3957b7224058132636b3ec1761106bad639c01867694edf4a92a8107909e0014
3967ec954a88fae02b3de7c11a9575c1447bccd09b17bbd4e53817eba55f9a1c
3dd012c8a75c38603d249015105a0205e185b87753fe6e4e0b52f966889feae5
3e03816dd95893fc5d3e382f3e132538da9fdbfa78974ecad87652ba2c8335e1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb4c5a5b9cbe9aca2ac1ea7729ee61b277819a7a7e2d0c657db0ac2f12efcfc
410d88fe9d242f0da3b7a56dc2566a87b670835bc15c7d0a09dd15234577e677
4152f256fe3d3bf292c2824acce18debe67557fc911d47a37a92daca0e51bae2
41762d462bdc307fc28ffca9ac5f9d02490a0f75836a24b0452308917710b594
41985069fb1903b163781e9ea2f6f699085b876fc94f530dbb3155951ad250b2
41abdb8a85035bd21eede624da64161b5a961d29d8db5310b5a0a8a231360da3
432afd187fc4b0c54a34d64aa781668fd742849e1dd25f56cbd4075ef68ea07f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bde79917f3c2657d200dfe70fa614ef7ede54c9efc95e846da811ed4966943f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2b3f251158c6b963e1ab574329c7b4f673057e1df9256ba82a87dd9e6f7afe
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5110f8151effe17975322d67986cd3795903f281dc16ff33cbf10614aefa3447
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
556f8e245e2c37f9d1103f6326b894a1fe9834454e93768a682bb2fe0a66da66
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5620d24ae7eafd480b2f5b26c26e63e1fb4c3f88d8201bfe8a4d4066bd113ca9
563f26067599a752fd7993ca74b71b8c62e867db0d9b935924ac703f17983ec5
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
587b0967de9749da9f7ff07286d27aac92a5cc040e3fa1c7e4aeb710263b0f20
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5e45c8880be524364a08d4579a9bdc5c67c5bff166478d7a93abcb977d3bc815
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6294737e1373afd8afccd1d6d6ed072b90f648cd4fc702e24394df6b1aa59670
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6323206d42f99fcd2deeeb2d0efdb0356bae21c0387468ebd8a5311e7a0f4053
65057dabea7ffc8d2ec9dd38e8346a57c243d8b238fea8ae5192f51d478027b8
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d
667fb89fcae2f7a4784f3d3e8f70f3924c47e2475136c8b0afbdb8149b75b410
66f3b05796975c8addcf53860d9e71dd5386ce62c9e0513bb65f23d7f6354298
670014e0ef5f65c31c2a93726560537bc01307d99c31be5d29ce7f7601a55045
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68b49ad658ae01cfe26de8e387992090d37d3f440a1f6c7ab3d49c2f9bbca78e
69e3e2eea2a90e3801376c71e15c6e8c99bb1daa450036f7ca7c3091ac446583
6abcc856493c3bc586b48f007c7abb1cf9569eba693ec7fd08a40f19651f1452
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb2888011d470a1fd117be6c4b194f49ade80140403149f9e6b15ed048aa874
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
715b5ef34803939ca6fc15cd9cf52e31c6cf0ba53c47a90166daabb325fceb2a
717e3bb515e44ae9784d38ae8bc0dacd79861aa55dad2ef51ae29fc4964ed8c7
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7613c3e51915418c70a2edc2d30952d407d4628d3218ad648d68b382da720512
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
76ac51651e6b439631d0334553b741f8ba256886d44a81b0d96f2ba75ab40182
77deefb34532073409eb2d2ca0d3fabc4ae52dbe9efa3b9a423c3a3dbbc32966
78e232ebd166860de3d218268afcab0db5f7dbaf888d5cea0e837613639c1d6a
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b385c227a9618d508eb3340d6aed05c10138a3a9b230b4c1d4a10376752570f
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cd71bc78246a8930a275b10e331129825c49e5a59536bd3c8dddfe8a33558f4
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7
800c010d1acdffed8a8a17810b9de73c51489441172f27dbfffaffde702fada4
8096f04e7e98dfc530ed79336d5b64bab69ac30bfefddda6bc12de3baddac5ae
8160ede4fd5daecdcceae665e1ed105ed786740fa8feefd5b62882106b420c0b
83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953
86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8885073b1c816b0886c528124415de46bfa2001f813fad7fce362a48c0480eb1
8a25ec3cccb8c158112c6b231d0c0c081946df6d9b28f76ddf4788aa824bfd4b
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8af79c72b1bb8e26918c7b4a03546c1d65dd4caacad43ad10eeacbceb7b2c229
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8e849a2635dcab537152ae58a8630e41c893daa58e1cf488c8c7aa188aed63fe
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed1124d089360cbc228dbecd18b62255405f9885f39f5694e971f0aeb373a13
8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9091fcb652e15a956f3528fca034be67f2957686da929d28f415e5e008c4a15b
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf
9362e78275050a5f3a0b98e969a1083a8ed4318f8d063938ff4478e58177d310
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9670d1aa2ca52c822a9c53e16033e25b9451bd709f0b84da86a4074c0f13fb9d
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
99469201e9dbf15a407c751143dd1bf1b6fdc491b0dc8539cabb69b0034bd48b
99de81c1ac85885a617cb8a8d9ad7042ffe7d836c47c1f84ff8c4872a444be09
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9f0eac2429f50c03954bcea78a2221626a8d446afa597366feeaaa9e533639b9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffbf0901d91c2643b9aef55cc55cb461e8be565f7b47289a03c321cb1cc4441
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a092ff46484ab1199bcc62cb4c0ad9006a7e6d3f63793b2857863588f5086dcb
a093cc2d81f43a31a6727a3c301a9d775afe799e0981a96eef5cc1ccb3ab736d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2c634eb12aa88d5a87ee54d0e1746955218a03f646c5a1e3378d48d289dfe6b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a41245c14c602ed2867989291cb4a5b63fec42770c85881aeb07a3dae7220e7d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b68e82ea1541b177f05f0fe8353f96b61d97a2a529f038c0726cb7cba5db0e
a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a790e422760ec8bf48e1292e9f986daab679cb99c74bba2a39c4edd415b9fd42
a7e6b76e9f113da354e1ab756120749e02e2b59842af81856bbef5b11de70b52
a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622
a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457
aa1f0607dc5523572c28f9f4cc0a52485261d4a4085f85ec1303bd80eb60d4e6
abd01eb281bbfb5c0d106518f4abc79796f5a1c3515266aa05b44b7677b3abd3
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5
abf0a3fabc2e5d6e133cd13f3e6477cad421adba9c47c406b3effa2dc49e574c
ac7eed07b5d8d9f32110d81fd1def84f3ee9a59d7fe7941a79a2b014f3fa1afb
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e
ae1d820f1ede30ca2d21bcc1e63f4ba77d43e7f44baef8c8cc184fdbad0240cd
ae9d517b524b7ab6eee037b323de049b49944e62d9cf213b69169c68e0f3d0e5
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6
b380319d74805803ebbff678c954946284658339e7b02044dca909e59d84d763
b7c7950903719bd7d78ab0b3bf82540906df67ee5299467760cf1cbec8e2d9ee
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b98294db70cc50ca4fb25524ad10d5298b1a37064b6a94e6c49882869aee88bc
bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83
bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c
bdf5c7610bd87737b2534fe3d3d24bcd27d13601e920b09dcd9184c51c3bf4aa
be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e
bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2
c12160730fa3ab112d480e035b0f791be9e2a680065e289dc72cb421dcefbee3
c1960c94e1c5ee83bb9f6385667ce93dd64c2917b65a517daf5485de3fdee801
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7
c346594e1b424c49941cdf4fbe7bd0d125af38bce94016631d534a94b2f229ff
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c87984e7318aceba7c45a0c0da603a241e68dc56d790d61f8181b5e52a60ee41
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773
cb230de69a93910ff904402e919abf8faafb246493b73781a7a2cb3f01bb2210
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffb4befbeb3e1d3cc390c2811565db360f23653f08849c72d0df12d0e346b17
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4c7525c01c489de9abf572955a21bf934f3a1ae5709c7225192fd88b83dfea5
d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2
d833010ef20705b6f1b6845dda6be1ee03057098521b128f6c43402717b1b244
d89758868d2d1c41a66fe09b0666b36eaa787081a7dc46073770ff9540718165
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dcfa4bb2f3d098b3b627005d80d6ec62b61f97653e92f35ed735adad4f786de7
de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d
e119795385bc6cba2ca8a1fa8a74a0a0399e055804052b85d1affd536d20c283
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec
e23899b9b6ef42e1aef92b3c560b812cd94014b8ece0f82ae2d776e81fa3e207
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3837e59fa77478eb8a5ba48752f875276ffbf1b596cbf54bedeff3990ce754c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ec7220aad688109e46781f01ed309eacb3d146142908a9d625ae46769574cd
e860faa1aafd0f9b342ba7c6685e6ce980c4d770ee17403cae3b4a8687da164e
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36bbd3987ff3ef74d434ec3c29bba1d1285a8012b250a79f47e84a9463c9287
f3710684391dba1cac362ecf873cb58f3c63bed5bae4059bdbaba7b1c79b0e1a
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f74227b5201762a680687c4e5491ba5c60e49b4a19870447e2f2336525e4c9b3
f7d1cde7dd6457ab3780699765fe535407e971c7037713d38374036f80a44db9
f7d3e6671ff7fa6dbbbb56c8e9b757d97b7d57a925a43747e8d8679b323e3f0d
f7eb0027fdd203ea29e8c95afc953a8dec19b668705323063431c81a472ef122
fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801
fb2cb404d209fea69bf202019c6fdad79071a1f57eb2988eba92cda5e583fa5e
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f
fc7c806af601cf36a94e0c9c77c904112f2d2f9fc6fac6565cbe59bf6952acbb
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fcfbae28af5c946af6d2346bd2a90816aebdd97b56a996ab0dbb1173fb3ef7a2
fe3f46550860bcf76984a397a672e53980e1f9f1a9178f3020a721de9185a173
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6