galas.te.ua Open in urlscan Pro
193.169.80.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://galas.te.ua/
Effective URL:
https://galas.te.ua/
Submission: On June 24 via manual (June 24th 2021, 8:01:16 am UTC) from UA

Summary HTTP 122 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 31 domains to perform 122 HTTP transactions. The main IP is 193.169.80.26, located in Ternopil, Ukraine and belongs to TERNET-AS, UA. The main domain is galas.te.ua.
TLS certificate: Issued by R3 on May 31st 2021. Valid for: 3 months.

This is the only time galas.te.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	193.169.80.26 193.169.80.26	49491 (TERNET-AS) (TERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 7	49.12.116.255 49.12.116.255	24940 (HETZNER-AS) (HETZNER-AS)
12	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 3	65.9.77.122 65.9.77.122	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	3.126.158.103 3.126.158.103	16509 (AMAZON-02) (AMAZON-02)
1	35.158.223.21 35.158.223.21	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
122	35

36 193.169.80.26 (Ternopil, Ukraine) 1 redirects

ASN49491 (TERNET-AS, UA)
PTR: vps2.ternet.com.ua

galas.te.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.hunterdelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 49.12.116.255 (Besigheim, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.255.116.12.49.clients.your-server.de

www.meteoprog.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meteoprog.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.meteoprog.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.77.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.158.103 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.223.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-223-21.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	galas.te.ua 1 redirects galas.te.ua	675 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	180 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	32 KB
12	mgid.com jsc.mgid.com c.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	90 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	156 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
5	meteoprog.ua 2 redirects www.meteoprog.ua meteoprog.ua	15 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google.de adservice.google.de www.google.de	382 B
3	googleadservices.com www.googleadservices.com partner.googleadservices.com	19 KB
2	facebook.com 1 redirects www.facebook.com	23 B
2	adform.net 2 redirects c1.adform.net	944 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	755 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	meteoprog.pl www.meteoprog.pl	151 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	facebook.net connect.facebook.net	77 KB
1	lentainform.com cm.lentainform.com	529 B
1	idealmedia.io cm.idealmedia.io	448 B
1	sharethrough.com match.sharethrough.com	263 B
1	i.ua r.i.ua	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
1	gravitec.net cdn.gravitec.net	18 KB
1	hunterdelivery.com cdn.hunterdelivery.com	24 KB
0	floriya.shop Failed floriya.shop Failed
122	31

	Domain	Requested by
36	galas.te.ua	1 redirects galas.te.ua
10	fonts.gstatic.com	fonts.googleapis.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	pagead2.googlesyndication.com	galas.te.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.mgid.com	jsc.mgid.com galas.te.ua
6	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	fonts.googleapis.com	galas.te.ua googleads.g.doubleclick.net
4	www.google.com	2 redirects galas.te.ua tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com galas.te.ua
3	www.meteoprog.ua	galas.te.ua
2	www.facebook.com	1 redirects connect.facebook.net
2	c1.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	www.meteoprog.pl	galas.te.ua
2	c.mgid.com	jsc.mgid.com galas.te.ua
2	www.google-analytics.com	galas.te.ua www.google-analytics.com
2	www.google.de	galas.te.ua
2	counter.yadro.ru	1 redirects galas.te.ua
2	meteoprog.ua	2 redirects
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	connect.facebook.net	galas.te.ua connect.facebook.net
2	www.googleadservices.com	galas.te.ua www.googleadservices.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	cm.lentainform.com	galas.te.ua
1	cm.idealmedia.io	galas.te.ua
1	cm.g.doubleclick.net	1 redirects
1	match.sharethrough.com	galas.te.ua
1	secure-assets.rubiconproject.com	1 redirects
1	s-img.mgid.com	galas.te.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	servicer.mgid.com	jsc.mgid.com
1	r.i.ua	galas.te.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	jsc.mgid.com	galas.te.ua
1	maxcdn.bootstrapcdn.com	galas.te.ua
1	cdn.gravitec.net	galas.te.ua
1	cdn.hunterdelivery.com	galas.te.ua
0	floriya.shop Failed	galas.te.ua
122	45

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
meteoprog.ua
herbeauty.co
floriya.shop
www.i.ua
www.liveinternet.ru

Subject Issuer	Validity	Valid
galas.te.ua R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
hunterdelivery.com R3	`2021-06-03` - `2021-09-01`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2021-03-04` - `2022-04-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
meteoprog.ua R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
i.ua R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
meteoprog.pl R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://galas.te.ua/
Frame ID: 94659EA6CA3F710D264C2B72758E9135
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html
Frame ID: BC557F18431D8491B5D16F0557378CCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&adk=1812271804&adf=3025194257&lmt=1624521657&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgalas.te.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521656768&bpp=220&bdt=50&idt=287&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1337582890274&frm=20&pv=2&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
Frame ID: CE3BAC0FF5F258FFAE220CFDC229C8FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=280&slotname=1872269591&adk=2735200472&adf=3609267731&pi=t.ma~as.1872269591&w=730&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521656995&bpp=6&bdt=277&idt=79&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8eShnGJiY8&p=https%3A//galas.te.ua&dtd=84
Frame ID: 5297464F7FC23D8EB53131B98B4CF346
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4
Frame ID: 4AC0F0DF6C5940D9E44006020B125CCE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1872269591&adk=1079634218&adf=925888367&pi=t.ma~as.1872269591&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657093&bpp=1&bdt=375&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C160x600&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AyNknDt1u1&p=https%3A//galas.te.ua&dtd=3
Frame ID: 925325B5F31B5AB6248FE096553DE1B1
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1624521657382308680221
Frame ID: CA09DAF4B7FBA2F258024C6E78447C37
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 6BB5A8DC58E33593C71324E70FD5F315
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CFE0DDF17848946F1845B2FDF341CE41
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Frame ID: 036C55709F08F80C277ABC2E70916172
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df35601bd6bf35d%2526domain%253Dgalas.te.ua%2526origin%253Dhttps%25253A%25252F%25252Fgalas.te.ua%25252Ff50dc886d0913%2526relation%253Dparent.parent%26container_width%3D255%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252F%2525D0%252586%2525D0%2525BD%2525D1%252582%2525D0%2525B5%2525D1%252580%2525D0%2525BD%2525D0%2525B5%2525D1%252582-%2525D0%2525B2%2525D0%2525B8%2525D0%2525B4%2525D0%2525B0%2525D0%2525BD%2525D0%2525BD%2525D1%25258F-%2525D0%252593%2525D0%2525B0%2525D0%2525BB%2525D0%2525B0%2525D1%252581%252F964938013570182%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D250
Frame ID: 619435662CEBC2057FA4A5DE35A11794
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F7B2AE52FBAB8C2259324D4EC5AA4A30
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95F0FE17DE0A6229061E6EDCB41FFB91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://galas.te.ua/ HTTP 301
https://galas.te.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

122
Requests

99 %
HTTPS

48 %
IPv6

31
Domains

45
Subdomains

35
IPs

7
Countries

1546 kB
Transfer

3079 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=A9l99rAOuEk

Search URL Search Domain Scan URL

URL: https://meteoprog.ua/ua/weather/Ternopil/?utm_source=standart&utm_campaign=informers&utm_content=240x90&utm_term=Ternopil
Title: Погода в Тернополі Тернопіль

Search URL Search Domain Scan URL

URL: https://meteoprog.ua/ua?utm_source=standart&utm_campaign=informers&utm_content=240x90&utm_term=Ternopil
Title:

Search URL Search Domain Scan URL

URL: https://meteoprog.ua/ua/weather/Lviv/
Title: Погода у Львові

Search URL Search Domain Scan URL

URL: https://meteoprog.ua/ua/weather/Odesa/
Title: Погода в Одесі

Search URL Search Domain Scan URL

URL: https://herbeauty.co/lifestyle/15-things-only-rebellious-girls-understand/

Search URL Search Domain Scan URL

URL: https://floriya.shop/promo?referrer=galas.te.ua

Search URL Search Domain Scan URL

URL: https://floriya.shop/brand2019

Search URL Search Domain Scan URL

URL: https://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://galas.te.ua/ HTTP 301
https://galas.te.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://meteoprog.ua/data/weather/informer/Ternopil.js?callback=meteoprog_informer_standart.add_meteoprog_data&dt=null&n=0.536016896596472 HTTP 301
https://www.meteoprog.ua/data/weather/informer/Ternopil.js?callback=meteoprog_informer_standart.add_meteoprog_data&dt=null&n=0.536016896596472

Request Chain 64

https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//galas.te.ua/;0.8483545230241794 HTTP 302
https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//galas.te.ua/;0.8483545230241794

Request Chain 65

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgalas.te.ua%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=uTvUYNeUA_XI7_UPr_KBkAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgalas.te.ua%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uTvUYNeUA_XI7_UPr_KBkAw&random=1011939832&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgalas.te.ua%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uTvUYNeUA_XI7_UPr_KBkAw&random=1011939832&resp=GooglemKTybQhCsO&ipr=y

Request Chain 75

https://meteoprog.ua/images/widget/mi240x90logo.png HTTP 301
https://www.meteoprog.ua/images/widget/mi240x90logo.png

Request Chain 85

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 86

https://x.bidswitch.net/sync?dsp_id=303&user_id=l5oVni4JJ401 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l5oVni4JJ401 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=df68ae0a-225f-4779-b420-2614dd590ddf&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=b8c9d8ba-c236-49e6-9d53-cbab913c80a2&ttl=1627113657

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDVvVm5pNEpKNDAx&muidn=l5oVni4JJ401 HTTP 302
https://cm.mgid.com/google?muidn=l5oVni4JJ401&google_ula={guid},5&google_gid=CAESEIPThqIBjlXKGffb1BSz5wM&google_cver=1

Request Chain 91

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=d2dd21af-53b7-4d6a-887c-51521402e927

Request Chain 92

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=H3l153taSygZrwBQUrJO&pi=mgid&tc=1

Request Chain 93

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=923327298212099566&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=df68ae0a-225f-4779-b420-2614dd590ddf&gdpr=&gdpr_consent=&us_privacy=

Request Chain 94

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1624521657486&ns_c=UTF-8&cv=3.5&c8=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&c7=https%3A%2F%2Fgalas.te.ua%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1624521657486&ns_c=UTF-8&cv=3.5&c8=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&c7=https%3A%2F%2Fgalas.te.ua%2F&c9=

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 112

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35601bd6bf35d%26domain%3Dgalas.te.ua%26origin%3Dhttps%253A%252F%252Fgalas.te.ua%252Ff50dc886d0913%26relation%3Dparent.parent&container_width=255&height=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2586%25D0%25BD%25D1%2582%25D0%25B5%25D1%2580%25D0%25BD%25D0%25B5%25D1%2582-%25D0%25B2%25D0%25B8%25D0%25B4%25D0%25B0%25D0%25BD%25D0%25BD%25D1%258F-%25D0%2593%25D0%25B0%25D0%25BB%25D0%25B0%25D1%2581%2F964938013570182&locale=uk_UA&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=250 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df35601bd6bf35d%2526domain%253Dgalas.te.ua%2526origin%253Dhttps%25253A%25252F%25252Fgalas.te.ua%25252Ff50dc886d0913%2526relation%253Dparent.parent%26container_width%3D255%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252F%2525D0%252586%2525D0%2525BD%2525D1%252582%2525D0%2525B5%2525D1%252580%2525D0%2525BD%2525D0%2525B5%2525D1%252582-%2525D0%2525B2%2525D0%2525B8%2525D0%2525B4%2525D0%2525B0%2525D0%2525BD%2525D0%2525BD%2525D1%25258F-%2525D0%252593%2525D0%2525B0%2525D0%2525BB%2525D0%2525B0%2525D1%252581%252F964938013570182%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D250

122 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
galas.te.ua/
Redirect Chain

http://galas.te.ua/
https://galas.te.ua/

69 KB
16 KB

7021ms
6854ms

Document
text/html

193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 / PHP/7.4.8

Resource Hash

f9061a8c7f9d1c40f9ce5ebb84ff3f258dfd22904e545d55bdcf51334ef151f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: galas.te.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.10.1
Date: Thu, 24 Jun 2021 08:00:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.8
X-Pingback: https://galas.te.ua/xmlrpc.php
Link: <https://galas.te.ua/wp-json/>; rel="https://api.w.org/", <https://galas.te.ua/>; rel=shortlink
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.1
Date: Thu, 24 Jun 2021 08:00:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://galas.te.ua:443/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79420cb1c487791c9f033fbbf728ee65ca2d6858448c1f0a3349719de7612a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49203
x-xss-protection: 0
server: cafe
etag: 6406986264478977260
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 08:00:56 GMT

GET
H/1.1 200
OK draw_script.js Show response
cdn.hunterdelivery.com/scripts/ 24 KB
24 KB 111ms
21ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hunterdelivery.com/scripts/draw_script.js

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

944c726194a78d792ee95a4cea89781607bbc96274aa6b1cbe978d9e0d2a229c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:56 GMT
Connection: Keep-Alive
Last-Modified: Thu, 13 May 2021 08:51:56 GMT
age: 258
etag: "a5f184941b87a905fbdb3ee4dd6bf039"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1624521656.dop037.pa1.t,1624521656.cds203.pa1.shn,1624521656.dop037.pa1.t,1624521656.cds222.pa1.c
Content-Type: application/javascript
Cache-Control: max-age=4816
x-rgw-object-type: Normal
Content-Length: 24139
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
x-amz-request-id: tx00000000000000076c207-0060d2fd08-b55b4be-ams3c

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/f5185fbbe3ccbc2321fa9e223160b481/ 64 KB
18 KB 98ms
28ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/f5185fbbe3ccbc2321fa9e223160b481/client.js
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b0cdca4612b0cc459d227c37b3f71d78317c5157dc9b0a1aa74e677456b8f04

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
last-modified: Sat, 12 Jun 2021 00:05:00 GMT
server: nginx
etag: W/"60c3fa2c-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 12 Jun 2021 00:06:59 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H/1.1 200
OK autoptimize_72aaa95216e1c62632aab3e755e81f56.css
galas.te.ua/wp-content/cache/autoptimize/css/ 223 KB
37 KB 66ms
65ms Stylesheet
text/css 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

3105d92893cacca5fd465e16501ed9110354f4f987a159147e5aa111f656940c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 15:36:09 GMT
Server: nginx/1.10.1
ETag: W/"60785d69-37a1a"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 24 Jun 2021 08:30:56 GMT

GET
H/1.1 200
OK autoptimize_8420a728d20b529fdf985c47f6f6ae3e.css
galas.te.ua/wp-content/cache/autoptimize/css/ 4 KB
1 KB 153ms
54ms Stylesheet
text/css 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_8420a728d20b529fdf985c47f6f6ae3e.css

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

37ca9cc740166da1304b76bdb8073e95b96403c13677d91bf2d32af0780b0e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 15:36:09 GMT
Server: nginx/1.10.1
ETag: W/"60785d69-1131"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 24 Jun 2021 08:30:56 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 19ms
18ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 8074538
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea261990000d6bd23078000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 56c2b46c7a8e813a43f229e1920a3ed4
cf-ray: 66446ce28ae4d6bd-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jquery.js Show response
galas.te.ua/wp-includes/js/jquery/ 95 KB
34 KB 242ms
133ms Script
application/javascript 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 00:51:00 GMT
Server: nginx/1.10.1
ETag: W/"5f163bf4-17a69"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 24 Jun 2021 08:30:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
776 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 07:54:35 GMT
server: ESF
date: Thu, 24 Jun 2021 08:00:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Jun 2021 08:00:56 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 111ms
47ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b17c286b073bece17d24ca9607b6fc6a891cb5d87ade655122f1d2611eff7bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17319
x-xss-protection: 0
server: cafe
etag: 1145119954476266367
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 08:00:56 GMT

GET
H/1.1 200
OK Galas_logo_new222.png
galas.te.ua/wp-content/uploads/2017/02/ 15 KB
15 KB 64ms
60ms Image
image/png 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2017/02/Galas_logo_new222.png

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

5b1a33a0b4eed00906db63d11e6f887fd9b2de007bac45cbcae582e0e2537fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sat, 01 Aug 2020 06:26:00 GMT
Server: nginx/1.10.1
ETag: "5f250af8-3ba3"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15267
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK kreator_1.jpg
galas.te.ua/wp-content/uploads/2019/02/ 41 KB
41 KB 114ms
109ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2019/02/kreator_1.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

38f758029a63c7c21bd7dd1626e2df249bd23db6042f07492b5220be596dba57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sat, 01 Aug 2020 06:57:00 GMT
Server: nginx/1.10.1
ETag: "5f25123c-a200"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41472
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H2 200 standart.js Show response
www.meteoprog.ua/ua/weather/informer/ 124 KB
12 KB 174ms
95ms Script
application/x-javascript 49.12.116.255
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.meteoprog.ua/ua/weather/informer/standart.js
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 49.12.116.255 Besigheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.255.116.12.49.clients.your-server.de
Software: nginx /
Resource Hash: 74e81f09fe25a97bf8e398e0c5f58accd35cb9098189c35f087795a638dc0d8a

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 galas.te.ua.856045.js Show response
jsc.mgid.com/g/a/ 283 KB
70 KB 134ms
84ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12f4b6e185d8fa890d8f1834ba01eea2ee19306a09ed66f9ecba5c4c476e19e

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JXJWXDG8EGNX79ND
cf-polished: origSize=289505
last-modified: Tue, 22 Jun 2021 08:33:01 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 3A4wJSaIN3Y7ZhyZ0CyBKGDpORKfdPDCF13vd2lKq+aNSoMMG/Bm/t1ZthBNXOfEBCqWaAWLslE=
cf-bgj: minify
server: cloudflare
etag: W/"f8303e0873abe2fd96a6e35e35018ffd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0adea262d4000032bf542bc000000001
cf-ray: 66446ce48bb432bf-CDG
expires: Thu, 24 Jun 2021 11:00:57 GMT

GET
H/1.1 200
OK floria.jpg
galas.te.ua/wp-content/uploads/2019/06/ 19 KB
20 KB 198ms
194ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2019/06/floria.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

aa1167833660f005150f3bae1868615328d7695b97e2f142dd909aa579c88112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sat, 01 Aug 2020 07:02:00 GMT
Server: nginx/1.10.1
ETag: "5f251368-4ca2"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19618
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET floriya-galas-desktop.png
floriya.shop/access/ 0
0

GET
H/1.1 200
OK %D1%81%D0%B1%D1%83-750x418.jpg
galas.te.ua/wp-content/uploads/2021/06/ 69 KB
69 KB 216ms
151ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D1%81%D0%B1%D1%83-750x418.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

954f1d109044be4542f9b2df26d40ab6127920c811d274ff7793d33a59927689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Wed, 23 Jun 2021 12:01:06 GMT
Server: nginx/1.10.1
ETag: "60d32282-1146c"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70764
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK %D0%B7%D0%BD%D0%BE-1-870x418.jpg
galas.te.ua/wp-content/uploads/2021/06/ 57 KB
57 KB 298ms
178ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%B7%D0%BD%D0%BE-1-870x418.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

bec49ed1fcdb0d941470033a1c04a5e1cdb73e768a2374dafb111e915ceb9e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Tue, 22 Jun 2021 08:30:35 GMT
Server: nginx/1.10.1
ETag: "60d19fab-e224"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57892
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK %D1%84%D1%96%D1%80%D1%82%D0%B0%D1%88.jpg
galas.te.ua/wp-content/uploads/2021/06/ 32 KB
32 KB 399ms
280ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D1%84%D1%96%D1%80%D1%82%D0%B0%D1%88.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

8dc3e62cc88ec6d55fb9c3498d22708956dcc6aeef2a194ae521fe00b07e360a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Mon, 21 Jun 2021 10:56:35 GMT
Server: nginx/1.10.1
ETag: "60d07063-7f5a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32602
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK %D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5_2021-06-16_131101-458x418.jpg
galas.te.ua/wp-content/uploads/2021/06/ 40 KB
40 KB 385ms
329ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5_2021-06-16_131101-458x418.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

00addc08562b1aefbefb4acb5c1dba2b80ac23f9d68a155e2105503466d526b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Wed, 16 Jun 2021 10:11:03 GMT
Server: nginx/1.10.1
ETag: "60c9ce37-a04a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41034
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK %D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0.jpg
galas.te.ua/wp-content/uploads/2021/06/ 31 KB
32 KB 189ms
189ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

d0ce9716d28d40d3bb8dddc042723d2ef7b5ed9a76e85a39b18796ec36cccb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Mon, 14 Jun 2021 07:43:20 GMT
Server: nginx/1.10.1
ETag: "60c70898-7d87"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32135
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK IMG_5470-405x270.jpeg
galas.te.ua/wp-content/uploads/2021/06/ 26 KB
27 KB 255ms
253ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/IMG_5470-405x270.jpeg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

04ba0404847c48e44565414da06679de86c79a18ea385825d0bee742967210cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Cookie: b=b; __gads=ID=36b6b388654fb17c-2245f51c28c9007b:T=1624521657:RT=1624521657:S=ALNI_MZ7SGGUXzReHdV7jlgMU3bUX9djjQ; _ga=GA1.3.284721579.1624521657; _gid=GA1.3.1609420326.1624521657; _gat=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C856045%22%3A%7B%22page%22%3A1%2C%22time%22%3A1624521657375%7D%7D
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sat, 19 Jun 2021 13:47:46 GMT
Server: nginx/1.10.1
ETag: "60cdf582-69a7"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27047
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK 199063325_326878672378423_1099977065341427034_n-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 381ms
256ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/199063325_326878672378423_1099977065341427034_n-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

60595b0572dd80a8ecaa69d98de27678bb357f58188668e7695061bf450aaf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sun, 13 Jun 2021 12:37:30 GMT
Server: nginx/1.10.1
ETag: "60c5fc0a-7fa"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2042
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK 198333333_3981649841954992_6261676725109901288_n-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 481ms
267ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/198333333_3981649841954992_6261676725109901288_n-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

9250a69017ebeb23c42f4f352568419ceb02d3d41db91f1fd9ef4a281520a731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sun, 13 Jun 2021 12:08:18 GMT
Server: nginx/1.10.1
ETag: "60c5f532-758"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK IMG_5308-1-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 431ms
242ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/IMG_5308-1-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

79a70f5bf59b2c17cb4e911b25b663696a1ccaa73da8aec29f7cb67f202eb6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Thu, 10 Jun 2021 16:09:41 GMT
Server: nginx/1.10.1
ETag: "60c23945-7b9"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1977
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK 197522131_4177978602264520_5557965169976116878_n-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 985 B
1 KB 531ms
253ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/197522131_4177978602264520_5557965169976116878_n-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

32059744958ec1b93aa6591c03122900e07f554456ffae05fa0b160f7f38ca2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Mon, 07 Jun 2021 13:07:52 GMT
Server: nginx/1.10.1
ETag: "60be1a28-3d9"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 985
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK %D0%BB%D1%96%D0%BA%D0%B0%D1%80-405x270.jpg
galas.te.ua/wp-content/uploads/2021/06/ 17 KB
18 KB 338ms
338ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%BB%D1%96%D0%BA%D0%B0%D1%80-405x270.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

fb89831c47840d57bc19e6760efdcd38ab088a918e9c12b0333ec14c9fde77e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Cookie: b=b; __gads=ID=36b6b388654fb17c-2245f51c28c9007b:T=1624521657:RT=1624521657:S=ALNI_MZ7SGGUXzReHdV7jlgMU3bUX9djjQ; _ga=GA1.3.284721579.1624521657; _gid=GA1.3.1609420326.1624521657; _gat=1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C856045%22%3A%7B%22page%22%3A1%2C%22time%22%3A1624521657375%7D%7D
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sat, 19 Jun 2021 07:15:02 GMT
Server: nginx/1.10.1
ETag: "60cd9976-44c6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17606
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK 0-14-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 236ms
236ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/0-14-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

53978f891af667bc5e9846b1137a631b493e7b6bead1bd958516b8e0b8e69abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Thu, 17 Jun 2021 07:26:04 GMT
Server: nginx/1.10.1
ETag: "60caf90c-6ce"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1742
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK DSC_3100-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 62 KB
62 KB 189ms
189ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/DSC_3100-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

23f4211aa29c59bfa635430295c5c3170f1ad3c28e8d3394882397c4fa073c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Mon, 14 Jun 2021 15:04:12 GMT
Server: nginx/1.10.1
ETag: "60c76fec-f65d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63069
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK %D0%B3%D1%80%D0%BE%D1%88-80x60.jpeg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 226ms
225ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%B3%D1%80%D0%BE%D1%88-80x60.jpeg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

fc3de38ab37481bfe81f90cc9a31c37dc803ba82f166627da08451c626a6a510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sun, 13 Jun 2021 09:04:32 GMT
Server: nginx/1.10.1
ETag: "60c5ca20-6e8"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1768
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK 1-20-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
3 KB 242ms
241ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/1-20-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

8d662d5e84ca652772fdd5f92edc10b45b20591247517a7af2f430d0484cf291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sun, 13 Jun 2021 08:53:52 GMT
Server: nginx/1.10.1
ETag: "60c5c7a0-926"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2342
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK 11111-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 285ms
285ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/11111-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

fd8ebe07934051c57b31381d78fb64d50234dc50df22838062366b6b04f19062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Sun, 13 Jun 2021 09:12:31 GMT
Server: nginx/1.10.1
ETag: "60c5cbff-858"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2136
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H/1.1 200
OK unnamed-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
3 KB 260ms
260ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/unnamed-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

53c77c9edb2cb62d22d0ca5fbd06ca12d9ffd9f44dcfffa5882683bba363d23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Thu, 10 Jun 2021 08:25:44 GMT
Server: nginx/1.10.1
ETag: "60c1cc88-9df"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2527
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H/1.1 200
OK %D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5_2021-06-23_145151-405x270.jpg
galas.te.ua/wp-content/uploads/2021/06/ 17 KB
18 KB 289ms
289ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5_2021-06-23_145151-405x270.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

a0dcd31836e918c0522d9d4a61b3ee6a3b2e780cf1464b8d326b61417b7f89f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Wed, 23 Jun 2021 11:51:54 GMT
Server: nginx/1.10.1
ETag: "60d3205a-44f4"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17652
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H/1.1 200
OK %D0%B9%D0%BE%D1%80%D0%BA-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 3 KB
3 KB 279ms
278ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%B9%D0%BE%D1%80%D0%BA-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

8767033f6e4a8c6f3cf3c7c53d4a0ce8023462a3223a9e158710b90ab65d056f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Wed, 23 Jun 2021 08:27:17 GMT
Server: nginx/1.10.1
ETag: "60d2f065-bf6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3062
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H/1.1 200
OK 01-8-80x60.jpeg
galas.te.ua/wp-content/uploads/2021/06/ 1 KB
2 KB 299ms
299ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/01-8-80x60.jpeg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

4c0fa73cc96d402fa4602e051f0da4b3f3f87308883f23cbf274c65faa3ea0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Wed, 23 Jun 2021 06:31:01 GMT
Server: nginx/1.10.1
ETag: "60d2d525-5e4"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1508
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H/1.1 200
OK %D0%B4%D1%96%D0%B2%D1%87%D0%B8%D0%BD%D0%BA%D0%B0-80x60.jpg
galas.te.ua/wp-content/uploads/2021/06/ 2 KB
2 KB 302ms
302ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/%D0%B4%D1%96%D0%B2%D1%87%D0%B8%D0%BD%D0%BA%D0%B0-80x60.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

5ef9bfa22f071011bec78c36665db4aa2a7462e778d4092383aa205dce98f90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Tue, 22 Jun 2021 08:17:47 GMT
Server: nginx/1.10.1
ETag: "60d19cab-754"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1876
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H/1.1 200
OK DSC_3100-405x270.jpg
galas.te.ua/wp-content/uploads/2021/06/ 88 KB
88 KB 336ms
336ms Image
image/jpeg 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/uploads/2021/06/DSC_3100-405x270.jpg

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

7cf773d895bb83db1fac454656da06e95b23ec99ba0a3ad427e53c4e70192404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Mon, 14 Jun 2021 15:04:12 GMT
Server: nginx/1.10.1
ETag: "60c76fec-15eae"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89774
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H/1.1 200
OK switch.png
galas.te.ua/wp-content/plugins/wp-mobile-edition/assets/images/ 1 KB
2 KB 299ms
299ms Image
image/png 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/plugins/wp-mobile-edition/assets/images/switch.png

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

de07962c3db454eff893f564b561917d5df4f5ca9b79411e1ba4b7c45b5f796f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Tue, 21 Jul 2020 01:10:00 GMT
Server: nginx/1.10.1
ETag: "5f164068-592"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1426
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 6 KB
679 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700&subset=cyrillic&ver=1513244117

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 06:18:50 GMT
server: ESF
date: Thu, 24 Jun 2021 08:00:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Jun 2021 08:00:56 GMT

GET
H/1.1 200
OK autoptimize_5f1e78c6bfef0f4940da4da5dc46ca6e.js Show response
galas.te.ua/wp-content/cache/autoptimize/js/ 92 KB
29 KB 304ms
304ms Script
application/javascript 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-content/cache/autoptimize/js/autoptimize_5f1e78c6bfef0f4940da4da5dc46ca6e.js

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

864491c24bbb66dbc889dcaf45b7d1db3c9c659410ec6d46ad579ee5a8107e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 21:26:02 GMT
Server: nginx/1.10.1
ETag: W/"6078af6a-1710d"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/ 233 KB
86 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3354834151351626&plah=galas.te.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88042
x-xss-protection: 0
server: cafe
etag: 4788847514445276624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 08:00:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/ Frame BC55 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210621/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 23 Jun 2021 12:48:00 GMT
expires: Wed, 07 Jul 2021 12:48:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 69176
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
galas.te.ua/wp-includes/js/ 14 KB
5 KB 301ms
300ms Script
application/javascript 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-includes/js/wp-emoji-release.min.js?ver=5.4.6

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://galas.te.ua/
Connection: keep-alive
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 21:25:05 GMT
Server: nginx/1.10.1
ETag: W/"6078af31-363c"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 24 Jun 2021 08:30:58 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/855429029/ 2 KB
1 KB 77ms
37ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/855429029/?random=1624521656989&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgalas.te.ua%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a6257bde0504427c64b24ca1bb1065b46c23fe50cc50150789ce88501d1e6fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 22:24:53 GMT
x-content-type-options: nosniff
age: 120964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:24:53 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 02:31:26 GMT
x-content-type-options: nosniff
age: 19771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 02:31:26 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:31:16 GMT
x-content-type-options: nosniff
age: 142181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:31:16 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFUZ0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 12:08:54 GMT
x-content-type-options: nosniff
age: 71523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9400
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:08:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 24ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c22b3fd8ca081050398dc1445c3c007d8794ed619369d42baa7f0482c7e866c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rbCl7aD6mSpC9C5oVfbYEg==
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Jun 2021 08:10:17 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: +F5941Ahv5RScpfLqRxJX8O4iUw4rU9xB1lvbEBjel9hUVb/bzDHVb8XAG11srhBkAdhHdwRa3rfMac99D7Dqw==
x-fb-trip-id: 917726464
x-fb-content-md5: b7e94ac4f0f758ada1ed8a39d9041f53
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 24 Jun 2021 08:00:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3002c3b01005c57c80f02ad08d68e9fd"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 sdk.js Show response
connect.facebook.net/uk_UA/ 251 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=0f582494c010a438394920c0900c9fc8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f061ed729bcadb88ed0b3f4b7833465f81983ee580c99c82531db51c2944dec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://galas.te.ua
Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: k7wkPCv9otLVR6g1K4Bgpg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75824
x-fb-rlafr: 0
x-fb-debug: a+Gv4rjGb9GqftqFIC2rhyAUk02QTxiYeHCxUp2pAjIh6Zi3LwBQRdAhMNAgsv0Wxfz5xYpL2NBnrjFiTMmuWA==
x-fb-content-md5: 76701aba257e52d358b809c97622e76f
x-frame-options: DENY
date: Thu, 24 Jun 2021 08:00:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "05739029e827746d9ec955bdbdab031b"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Jun 2022 07:08:26 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
656 B 103ms
37ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=galas.te.ua&callback=_gfp_s_&client=ca-pub-3354834151351626

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3354834151351626&plah=galas.te.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bf49d96af5b2de64df2655fa20ee9e8c1e2f811aadfda2249a6f6d416e05f61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=galas.te.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galas.te.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE3B 6 KB
932 B 67ms
65ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&adk=1812271804&adf=3025194257&lmt=1624521657&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgalas.te.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521656768&bpp=220&bdt=50&idt=287&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1337582890274&frm=20&pv=2&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea15b132388777ef66ca87387c0f9d752d30e8f6407da92b25f81faa0067fee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3354834151351626&output=html&adk=1812271804&adf=3025194257&lmt=1624521657&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgalas.te.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521656768&bpp=220&bdt=50&idt=287&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1337582890274&frm=20&pv=2&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Jun 2021 08:00:57 GMT
server: cafe
content-length: 909
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 08:15:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274983153827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27713
x-xss-protection: 0
expires: Thu, 24 Jun 2021 08:00:57 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-3354834151351626&c=10&e=2570847921467975139&n=0&t=0&w=18&x=0

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5297 436 B
233 B 543ms
543ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=280&slotname=1872269591&adk=2735200472&adf=3609267731&pi=t.ma~as.1872269591&w=730&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521656995&bpp=6&bdt=277&idt=79&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8eShnGJiY8&p=https%3A//galas.te.ua&dtd=84

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60a278b718487f2e052e8a3ec7943911a2b2bab68788449adf21a875d63b70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3354834151351626&output=html&h=280&slotname=1872269591&adk=2735200472&adf=3609267731&pi=t.ma~as.1872269591&w=730&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521656995&bpp=6&bdt=277&idt=79&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8eShnGJiY8&p=https%3A//galas.te.ua&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Jun 2021 08:00:57 GMT
server: cafe
content-length: 210
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 08:15:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: private

GET
H2

200

Ternopil.js Show response
www.meteoprog.ua/data/weather/informer/
Redirect Chain

https://meteoprog.ua/data/weather/informer/Ternopil.js?callback=meteoprog_informer_standart.add_meteoprog_data&dt=null&n=0.536016896596472
https://www.meteoprog.ua/data/weather/informer/Ternopil.js?callback=meteoprog_informer_standart.add_meteoprog_data&dt=null&n=0.536016896596472

1 KB
449 B

95ms
95ms

Script
application/x-javascript

49.12.116.255
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.meteoprog.ua/data/weather/informer/Ternopil.js?callback=meteoprog_informer_standart.add_meteoprog_data&dt=null&n=0.536016896596472
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 49.12.116.255 Besigheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.255.116.12.49.clients.your-server.de
Software: nginx /
Resource Hash: 22ead08ae579c8b9104e50528bd49be03200c71bbe3d2e2b31b1723758e5a660

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
server: nginx
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/x-javascript

Redirect headers

location: https://www.meteoprog.ua/data/weather/informer/Ternopil.js?callback=meteoprog_informer_standart.add_meteoprog_data&dt=null&n=0.536016896596472
date: Thu, 24 Jun 2021 08:00:57 GMT
server: nginx
access-control-allow-origin: *
content-length: 162
content-type: text/html

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4AC0 73 KB
25 KB 559ms
558ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc987db3beed6cd2ad4fa288cae6d285331c637ea9b045ac7ae001cee074ae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Jun 2021 08:00:57 GMT
server: cafe
content-length: 25590
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 08:15:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9253 436 B
234 B 445ms
445ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1872269591&adk=1079634218&adf=925888367&pi=t.ma~as.1872269591&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657093&bpp=1&bdt=375&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C160x600&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AyNknDt1u1&p=https%3A//galas.te.ua&dtd=3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33d9a547405460b6623a7062b6354f19e0db15ce738c8b2cf918125f81912f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1872269591&adk=1079634218&adf=925888367&pi=t.ma~as.1872269591&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657093&bpp=1&bdt=375&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C160x600&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AyNknDt1u1&p=https%3A//galas.te.ua&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Jun 2021 08:00:57 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 08:15:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: private

GET
H/1.1 200
OK bg_title.png
galas.te.ua/wp-content/themes/magaziner/images/ 3 KB
3 KB 331ms
259ms Image
image/png 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galas.te.ua/wp-content/themes/magaziner/images/bg_title.png

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

cf881d2a17befdff3cc7aeb0ae0ad19945c811ca00eb5dc09bc52602fb7a27f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css
Connection: keep-alive
Referer: https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Last-Modified: Tue, 21 Jul 2020 00:52:00 GMT
Server: nginx/1.10.1
ETag: "5f163c30-afe"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2814
Expires: Thu, 24 Jun 2021 08:30:57 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 10:52:05 GMT
x-content-type-options: nosniff
age: 162532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9604
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 10:52:05 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic&v=1513244117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 21:40:02 GMT
x-content-type-options: nosniff
age: 123655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 21:40:02 GMT

GET
H/1.1 200
OK s
r.i.ua/ 798 B
1 KB 172ms
57ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u197353&p4&n0.8181183369615326&c1&d24&w1600&h1200&rgalas.te.ua/
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: 6657836cbc269c01b3c211ce11df9a7331c9309c1b6e50ddfadc068a51df0ada

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 08:00:57 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Expires: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t11.6;r;s1600*1200*24;uhttps%3A//galas.te.ua/;0.8483545230241794
https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//galas.te.ua/;0.8483545230241794

838 B
1 KB

69ms
69ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//galas.te.ua/;0.8483545230241794

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a3b98679b5a9262a1282d61d104979c1586b81bfa3623f8873fe02ec2077f407

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 08:00:57 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 838
Expires: Tue, 23 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 08:00:57 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t11.6;r;s1600*1200*24;uhttps%3A//galas.te.ua/;0.8483545230241794
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 23 Jun 2020 21:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/855429029/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid...
https://www.google.com/pagead/1p-conversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQ...
https://www.google.de/pagead/1p-conversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQh...

42 B
154 B

23ms
23ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgalas.te.ua%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uTvUYNeUA_XI7_UPr_KBkAw&random=1011939832&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/855429029/?random=940373090&cv=9&fst=1624521656989&num=1&value=0.05&currency_code=UAH&label=q2cTCN_st3AQpZ_zlwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgalas.te.ua%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=uTvUYNeUA_XI7_UPr_KBkAw&random=1011939832&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1752
date: Thu, 24 Jun 2021 07:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 24 Jun 2021 09:31:45 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 21 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 07:45:35 GMT
server: ESF
date: Thu, 24 Jun 2021 08:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Jun 2021 08:00:57 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 07:45:06 GMT
server: ESF
date: Thu, 24 Jun 2021 08:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Jun 2021 08:00:57 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
306 B 80ms
78ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1624521657209627038329&uniqId=0bd14&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fgalas.te.ua&lu=https%3A%2F%2Fgalas.te.ua%2F&pageView=1&pvid=17a3d094b7995ff7a62&site=558733&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce5aecc32bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea26386000032bf78068000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5351cc5fcd84ca5f24714cbc76e6b8f4fbf9a73fb9f7491bec0b523d073987e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:22:06 GMT
x-content-type-options: nosniff
age: 139131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 17:22:06 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galas.te.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 22:51:50 GMT
x-content-type-options: nosniff
age: 119347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:51:50 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1194631585&t=pageview&_s=1&dl=https%3A%2F%2Fgalas.te.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1565641432&gjid=752822089&cid=284721579.1624521657&tid=UA-16454933-2&_gid=1609420326.1624521657&_r=1&_slc=1&z=80549933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://galas.te.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/856045/ 1 KB
897 B 92ms
91ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/856045/1?pv=5&cbuster=1624521657280445009893&uniqId=0bd14&niet=4g&nisd=false&w=160&h=330&p1_w=150&p1_h=330&maxw_1=150&maxh_1=330&cols=1&ref=&cxurl=https%3A%2F%2Fgalas.te.ua&lu=https%3A%2F%2Fgalas.te.ua%2F&pageView=1&pvid=17a3d094b7995ff7a62&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6665786d9549772afdca63eddde71d5ba86d71bc6441976e928530bf5b0ee1ec

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce61fc232bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea263cb000032bf5eb15000000001

GET
H2

200

mi240x90logo.png
www.meteoprog.ua/images/widget/
Redirect Chain

https://meteoprog.ua/images/widget/mi240x90logo.png
https://www.meteoprog.ua/images/widget/mi240x90logo.png

2 KB
2 KB

40ms
40ms

Image
image/png

49.12.116.255
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.meteoprog.ua/images/widget/mi240x90logo.png
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 49.12.116.255 Besigheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.255.116.12.49.clients.your-server.de
Software: nginx /
Resource Hash: cc95573ae035117302c674bf6cb959c8f05595bedd8f5748f87625e73051118d

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
last-modified: Tue, 09 Oct 2018 21:05:27 GMT
server: nginx
etag: "5bbd1817-7dc"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2012
expires: Fri, 24 Jun 2022 08:00:57 GMT

Redirect headers

location: https://www.meteoprog.ua/images/widget/mi240x90logo.png
date: Thu, 24 Jun 2021 08:00:57 GMT
server: nginx
access-control-allow-origin: *
content-length: 162
content-type: text/html

GET
H2 200 new_icons-sprite-48x50.png
www.meteoprog.pl/images/weather/sprite/ 23 KB
23 KB 113ms
37ms Image
image/png 49.12.116.255
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.meteoprog.pl/images/weather/sprite/new_icons-sprite-48x50.png
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 49.12.116.255 Besigheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.255.116.12.49.clients.your-server.de
Software: nginx /
Resource Hash: 62372765835ba10e400607c97119143c904a78e5fbac0646ed655d94eaed0e91

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
last-modified: Tue, 09 Oct 2018 21:05:27 GMT
server: nginx
etag: "5bbd1817-5b9f"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 23455
expires: Fri, 24 Jun 2022 08:00:57 GMT

GET
H2 200 PNG-boy-51x90px.png
www.meteoprog.pl/images/avatar/ 127 KB
128 KB 141ms
65ms Image
image/png 49.12.116.255
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.meteoprog.pl/images/avatar/PNG-boy-51x90px.png
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 49.12.116.255 Besigheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.255.116.12.49.clients.your-server.de
Software: nginx /
Resource Hash: 7178421e078ac88a7e5362cf2118d4052488a0fb1a78de01f4d179b9fa8ab7c7

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
last-modified: Tue, 09 Oct 2018 21:05:26 GMT
server: nginx
etag: "5bbd1816-1fd6f"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 130415
expires: Fri, 24 Jun 2022 08:00:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-16454933-2&cid=284721579.1624521657&jid=1565641432&gjid=752822089&_gid=1609420326.1624521657&_u=IAhAAEAAAAAAAC~&z=2100958488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Jun 2021 08:00:57 GMT
content-type: text/plain
access-control-allow-origin: https://galas.te.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 25ms
25ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-16454933-2&cid=284721579.1624521657&jid=1565641432&_u=IAhAAEAAAAAAAC~&z=62957988

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 26ms
23ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-16454933-2&cid=284721579.1624521657&jid=1565641432&_u=IAhAAEAAAAAAAC~&z=62957988

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
691 B 97ms
89ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1624521657379375283371
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d8df50007ca8b726f67f6d79f791d552c9b5db80bea08a5cd17772d3882acca

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: a035cd14-6112-4293-8f93-3f3c5c0147e1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce6b92332bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea26436000032bf3f32e000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame CA09 19 B
206 B 82ms
78ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1624521657382308680221
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 868dca2b-f5d5-484a-bf63-a731e92028c0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce6b92132bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea26436000032bf4f353000000001
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 100ms
33ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:57:58 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: byJjYan95M1wQ5rUHyvBC8kh_Utix44KflYIKyTNHoWN3oT59OoQ9A==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp
s-img.mgid.com/g/8193536/328x328/103x0x353x353/ 15 KB
15 KB 33ms
32ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193536/328x328/103x0x353x353/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp?v=1624521657-JzXVlXuglCVvtYBicFlq98uioMS_uMGttxYiBYvwzgA
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae9c9246ab911e214b4486c1c297f28883d0dd1d0abd5ee93be11a8cf6250016

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 9c9f2a4b-5ac6-4120-b137-8f6f1cec5d58
age: 5367751
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15562
cf-request-id: 0adea26432000032bf152ce000000001
last-modified: Wed, 10 Feb 2021 07:15:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 66446ce6b91932bf-CDG

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6BB5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

85ms
28ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1624521657379375283371
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://galas.te.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Jun 2021 08:00:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Thu, 24 Jun 2021 08:00:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l5oVni4JJ401
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l5oVni4JJ401
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=df68ae0a-225f-4779-b420-2614dd590ddf&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

68 B
263 B

107ms
34ms

Image
image/png

35.158.223.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=df68ae0a-225f-4779-b420-2614dd590ddf&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.223.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-223-21.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=df68ae0a-225f-4779-b420-2614dd590ddf&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=b8c9d8ba-c236-49e6-9d53-cbab913c80a2&ttl=1627113657

43 B
465 B

74ms
74ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=b8c9d8ba-c236-49e6-9d53-cbab913c80a2&ttl=1627113657
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1f4adea5-dd33-4456-809e-4e41b5b21bdb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce85cc032bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea26535000032bf6fac4000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=b8c9d8ba-c236-49e6-9d53-cbab913c80a2&ttl=1627113657
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDVvVm5pNEpKNDAx&muidn=l5oVni4JJ401
https://cm.mgid.com/google?muidn=l5oVni4JJ401&google_ula={guid},5&google_gid=CAESEIPThqIBjlXKGffb1BSz5wM&google_cver=1

0
174 B

81ms
81ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l5oVni4JJ401&google_ula={guid},5&google_gid=CAESEIPThqIBjlXKGffb1BSz5wM&google_cver=1
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce7fbfd32bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea264fa000032bf5eb32000000001

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l5oVni4JJ401&google_ula={guid},5&google_gid=CAESEIPThqIBjlXKGffb1BSz5wM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
448 B 128ms
76ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l5oVni4JJ401
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 66446ce79e513313-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0adea264c500003313ad2f3000000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
529 B 128ms
79ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l5oVni4JJ401
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 66446ce79bbc081c-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea264c30000081ca0ad8000000001

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=d2dd21af-53b7-4d6a-887c-51521402e927

43 B
571 B

89ms
89ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=d2dd21af-53b7-4d6a-887c-51521402e927
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: cecd1ab7-cc69-412a-a0c7-eb9341b0d52c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ceb6fb4089b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea267220000089bb2b12000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=d2dd21af-53b7-4d6a-887c-51521402e927
date: Thu, 24 Jun 2021 08:00:58 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=H3l153taSygZrwBQUrJO&pi=mgid&tc=1

43 B
336 B

75ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=H3l153taSygZrwBQUrJO&pi=mgid&tc=1
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8c58c16e-fec2-406b-8ce2-944f28139e6d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce84cb732bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea26532000032bf3abf8000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=H3l153taSygZrwBQUrJO&pi=mgid&tc=1
pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT, Thu, 24 Jun 2021 08:00:57 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=70&user_id=923327298212099566&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=df68ae0a-225f-4779-b420-2614dd590ddf&gdpr=&gdpr_consent=&us_privacy=

43 B
592 B

105ms
81ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=df68ae0a-225f-4779-b420-2614dd590ddf&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:57 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: f52a4a5f-ae0c-4133-9fdc-a41cd2dfa80c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446ce98a4c089b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea265f40000089bb2aef000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=df68ae0a-225f-4779-b420-2614dd590ddf&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1624521657486&ns_c=UTF-8&cv=3.5&c8=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1624521657486&ns_c=UTF-8&cv=3.5&c8=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20...

64 B
330 B

41ms
40ms

Image
image/gif

65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1624521657486&ns_c=UTF-8&cv=3.5&c8=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&c7=https%3A%2F%2Fgalas.te.ua%2F&c9=
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: WYjDnH9g95EhJrP9Hx5WhJ7E7YRglsJWLXnk_SHfjjOdb8rfeXOriQ==

Redirect headers

date: Thu, 24 Jun 2021 08:00:57 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1624521657486&ns_c=UTF-8&cv=3.5&c8=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A2%D0%B5%D1%80%D0%BD%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20-%20%D0%93%D0%B0%D0%BB%D0%B0%D1%81%20%7C%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&c7=https%3A%2F%2Fgalas.te.ua%2F&c9=
content-length: 457
x-amz-cf-id: WBCHM2BRG1LDM8hcgo5UXZnE-AHFOdeT8Vq25Sgi-B1XYP8y1CLXQA==

GET
H2 200 css
fonts.googleapis.com/ Frame 4AC0 3 KB
674 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 07:46:08 GMT
server: ESF
date: Thu, 24 Jun 2021 08:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Jun 2021 08:00:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 4AC0 1 KB
989 B 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 07:50:45 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame 4AC0 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 4951781748486473094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 07:57:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 4AC0 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 07:57:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AC0 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Thu, 24 Jun 2021 08:00:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 4AC0 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 07:59:24 GMT

GET
H2 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame 4AC0 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 06:31:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Sep 2021 06:15:28 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4AC0 0
0 18ms
16ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZZaKuTvUYJzTBpSi7_UPucuuwArJ4LCIY5H2sO3uDRQQASDejMstYJUCoAHB1MG0AcgBAakCE_FUTPsAtD6oAwHIA8sEqgTBAU_QmJ8nTpqzEYCJ8DgX77z5ScAGhX0pK_r9JfweP5ahE9M-WdXe3VRnphsGEIPXHH4sZT9DS9RdXRie3EUnvSDgmK9lLOBTjQl56ENQgMztlAOpuHBuWpRnVb0y5GkhIyMQ_CfCyKVS33IDJoK1LGfC82ILJTkBswWV1gcWhAEFqBuIB2y8yBfwQkNBbcAtSDlsxrhmEH0se01V064zHjQsSFKQCpzCPldvQ-SenUkynOduJoI9YffabkCBrjIWHRPABKCG467OA4AHp6u-ywKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-p0D0ggJCIDhgBAQARgfgAoByAsB2BMDiBQF0BUBmBYBgBcBshcaChgIABIUcHViLTMzNTQ4MzQxNTEzNTE2MjY&sigh=slRtz6YRnmU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Jun 2021 08:00:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6BB5 31 KB
9 KB 28ms
28ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c83ffb4a24a0d741ca8c2f3d32d6a916f1de1d733d0fe83c6360b1e24f3ecf43

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48778
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Thu, 24 Jun 2021 21:33:55 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CFE0 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlaPz0Pi338DQSNHQ4IMtA12HdWj4WEZlPwRYj2dVPVGytJf7EVU1qRl6ksKDg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 24 Jun 2021 07:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4AC0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caf0b25ad0b3ff3c8b847e6be40885414604a7fb01e43f1b0cc129ec574b7e5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6BB5 284 B
536 B 117ms
28ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4AC0 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 13:40:44 GMT
x-content-type-options: nosniff
age: 152413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 13:40:44 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4AC0 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 02:04:06 GMT
x-content-type-options: nosniff
age: 21411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 02:04:06 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CFE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlaPz0Pi338DQSNHQ4IMtA12HdWj4WEZlPwRYj2dVPVGytJf7EVU1qRl6ksKDg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Jun 2021 08:00:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 24-Jun-2021 09:00:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 08:00:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Jun 2021 08:00:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame 036C 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 07:31:01 GMT

GET
H/1.1 200
OK admin-ajax.php Show response
galas.te.ua/wp-admin/ 6 B
530 B 622ms
621ms XHR
text/html 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-admin/admin-ajax.php?postviews_id=35&action=postviews&_=1624521656983

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 / PHP/7.4.8

Resource Hash

fcec60f82b171fd07868a8985447ba3089f5a2022fb587b50ad05dbd3dbed2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://galas.te.ua/
Accept: */*
Referer: https://galas.te.ua/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:59 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.10.1
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.8
Strict-Transport-Security: max-age=31536000;
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29

200

/
www.facebook.com/login/ Frame 6194
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35601bd6bf35d%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

193ms
192ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df35601bd6bf35d%2526domain%253Dgalas.te.ua%2526origin%253Dhttps%25253A%25252F%25252Fgalas.te.ua%25252Ff50dc886d0913%2526relation%253Dparent.parent%26container_width%3D255%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252F%2525D0%252586%2525D0%2525BD%2525D1%252582%2525D0%2525B5%2525D1%252580%2525D0%2525BD%2525D0%2525B5%2525D1%252582-%2525D0%2525B2%2525D0%2525B8%2525D0%2525B4%2525D0%2525B0%2525D0%2525BD%2525D0%2525BD%2525D1%25258F-%2525D0%252593%2525D0%2525B0%2525D0%2525BB%2525D0%2525B0%2525D1%252581%252F964938013570182%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=0f582494c010a438394920c0900c9fc8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df35601bd6bf35d%2526domain%253Dgalas.te.ua%2526origin%253Dhttps%25253A%25252F%25252Fgalas.te.ua%25252Ff50dc886d0913%2526relation%253Dparent.parent%26container_width%3D255%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252F%2525D0%252586%2525D0%2525BD%2525D1%252582%2525D0%2525B5%2525D1%252580%2525D0%2525BD%2525D0%2525B5%2525D1%252582-%2525D0%2525B2%2525D0%2525B8%2525D0%2525B4%2525D0%2525B0%2525D0%2525BD%2525D0%2525BD%2525D1%25258F-%2525D0%252593%2525D0%2525B0%2525D0%2525BB%2525D0%2525B0%2525D1%252581%252F964938013570182%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: KI4Pws629VPORCK6PUsFt8W62LJpum2ce648O1RUB4tTXn2/CX9PDK1kpjDmXnO+axXxuJhABMY/UUMRa8/buQ==
date: Thu, 24 Jun 2021 08:00:58 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df35601bd6bf35d%2526domain%253Dgalas.te.ua%2526origin%253Dhttps%25253A%25252F%25252Fgalas.te.ua%25252Ff50dc886d0913%2526relation%253Dparent.parent%26container_width%3D255%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252F%2525D0%252586%2525D0%2525BD%2525D1%252582%2525D0%2525B5%2525D1%252580%2525D0%2525BD%2525D0%2525B5%2525D1%252582-%2525D0%2525B2%2525D0%2525B8%2525D0%2525B4%2525D0%2525B0%2525D0%2525BD%2525D0%2525BD%2525D1%25258F-%2525D0%252593%2525D0%2525B0%2525D0%2525BB%2525D0%2525B0%2525D1%252581%252F964938013570182%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D250
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v3.3
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: UVlwwxIlY8/HepxpiqTS29hUFV3kkWBgINbrJnJLHXdxScD/GqGF8bX76ezayLJx4rTbFYKMk8Z3sWoKJYZG/Q==
content-length: 0
date: Thu, 24 Jun 2021 08:00:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 c
c.mgid.com/ 43 B
342 B 80ms
79ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=150|338|12|0nmF0Y_YjZklQ59WE_3ZR81YhRkAEQBsDBsGlTLquUc7fwOSITuHJ8gXMmZOos6V&fw=1&extjs=66044&cid=856045&h2=osGc9IG8QbaWdv591HpRpcB5_07rwZ0vLxcYTalSpKk*&rid=4ea63263-d4c2-11eb-b1e6-d094662f8ab5&tt=Direct&iv=11&pageImp=1&pvid=17a3d094b7995ff7a62&cbuster=162452165857414713980&tpl=0
Requested by: Host: galas.te.ua
URL: https://galas.te.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 711e352b-b164-4aa9-9e85-fde3dacc1186
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 66446cee29e932bf-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0adea268d8000032bf6537a000000001
server: cloudflare

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
27ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210621&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

088e1508efdbd0d7e4fb1401e7ee28e9c7915be08ed84373c21ac38b4887d8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 08:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7998
x-xss-protection: 0

GET
H/1.1 200
OK flexslider-icon.woff
galas.te.ua/wp-content/themes/magaziner/fonts/flexslider/ 1 KB
2 KB 62ms
61ms Font
application/font-woff 193.169.80.26
TERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://galas.te.ua/wp-content/themes/magaziner/fonts/flexslider/flexslider-icon.woff

Requested by

Host: galas.te.ua
URL: https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.169.80.26 Ternopil, Ukraine, ASN49491 (TERNET-AS, UA),

Reverse DNS

vps2.ternet.com.ua

Software

nginx/1.10.1 /

Resource Hash

333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://galas.te.ua
Accept-Encoding: gzip, deflate, br
Host: galas.te.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css
Connection: keep-alive
Origin: https://galas.te.ua
Referer: https://galas.te.ua/wp-content/cache/autoptimize/css/autoptimize_72aaa95216e1c62632aab3e755e81f56.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 08:00:58 GMT
Last-Modified: Tue, 21 Jul 2020 01:10:00 GMT
Server: nginx/1.10.1
ETag: "4f4-5aae94842ea00"
Strict-Transport-Security: max-age=63072000; includeSubdomains; max-age=31536000;
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1268

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 24 Jun 2021 08:00:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F7B2 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 24 Jun 2021 06:54:28 GMT
expires: Fri, 24 Jun 2022 06:54:28 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 95F0 783 B
533 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4cb370195695fcc9fa2897b1d427f7872dc5fd3a139864a955ffef78d3927772

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1VBT5OtZ4Xz+gkwV0gha2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galas.te.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://galas.te.ua/

Response headers

expires: Thu, 24 Jun 2021 08:00:58 GMT
date: Thu, 24 Jun 2021 08:00:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1VBT5OtZ4Xz+gkwV0gha2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame F7B2 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 07:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 07:31:20 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4AC0 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZm-HuTvUYJzTBpSi7_UPucuuwArJ4LCIY5H2sO3uDRQQASDejMstYJUCoAHB1MG0AcgBAakCE_FUTPsAtD6oAwGqBMEBT9CYnydOmrMRgInwOBfvvPlJwAaFfSkr-v0l_B4_lqET0z5Z1d7dVGemGwYQg9ccfixlP0NL1F1dGJ7cRSe9IOCYr2Us4FONCXnoQ1CAzO2UA6m4cG5alGdVvTLkaSEjIxD8J8LIpVLfcgMmgrUsZ8LzYgslOQGzBZXWBxaEAQWoG4gHbLzIF_BCQ0FtwC1IOWzGuGYQfSx7TVXTrjMeNCxIUpAKnMI-V29D5J6dSTKc524mgj1h99puQIGuMhYdE8AEoIbjrs4DgAenq77LAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD6nQPSCAkIgOGAEBABGB-ACgHICwHYEwOIFAXQFQGYFgGAFwGyFxoKGAgAEhRwdWItMzM1NDgzNDE1MTM1MTYyNg&sigh=0-uztKTxVhs&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3354834151351626&output=html&h=600&slotname=1084595595&adk=2892236764&adf=2424827652&pi=t.ma~as.1084595595&w=160&fwrn=4&fwrnh=100&lmt=1624521657&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fgalas.te.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624521657086&bpp=1&bdt=369&idt=1&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=1337582890274&frm=20&pv=1&ga_vid=284721579.1624521657&ga_sid=1624521657&ga_hid=1194631585&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=530&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31061421&oid=3&pvsid=1295787279450621&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=P0uWrHkumi&p=https%3A//galas.te.ua&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Jun 2021 08:00:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AC0 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaYg7m11Ztva80JYpQcw0MeLAZqhj94kk0eLmL1vqvzmEMKW-fWsE3MRAlPA9IgWPHDPRYmdNMt1opKW3Kky4haa7YG7bIpQziHShIc82mDE1Ewaxu8TV64hFDVQ&sai=AMfl-YSvpTf90NRsQ2v7pm8sDTEjowST2cJlssMOG67VdtZIUwnXs-4ReYGL-AIc8VVNLbP1ma3KGKeuyfgW&sig=Cg0ArKJSzE5qZ3rb9Z43EAE&id=lidar2&mcvt=1006&p=822,530,1422,690&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&v=20210621&bin=7&avms=nio&bs=0,0&mc=0.63&if=1&app=0&itpl=22&adk=2892236764&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624521657093&dlt=562&rpt=81&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210621&jk=1295787279450621&bg=!S0ilSAzNAAZktE7iZLQ7ACkAdvg8Wk6f4PhnSs9SCvc-W7qQ9zJSRoLNxGJtOtSeZJETYsvxF4cxXAIAAABsUgAAABloAQeZAmhR2dgVRobKpY8EWp9HSmOhI1PnJjdF8KmSR26h0JbzI46uKK-f6-bcxSJbo6pzf4zEmuNekT6ejfhQBVQdBKGQTvpp-QdDX7ADbockHNZG85gZsNDu0AeznYuSVTCafTjmEB9_uH26KM0rKyJ59HcNf-MoeT9RHGX4B0cbUpSL7bmfjASC5pHmFeICWmzoQIlV0IxBByCmH3aJwWaauiUmIhJSC2agIUM-rorCGGc6ZAR8HWyBOTBXTdN8tE_o4zh-cdGnqQC6sZ2AYrEEfPu6qPy_Q8vJM3fpfh-Ju7_IB7y5Jm322oPCtbrVRiGLw0IOVmKozeWgJ8MCMIJd9MNKYDZi51VP0gl6HpJ_jlyuLggF29umEVrI2_FOHCl-YhRrFHQn8iAbw5nsLmycOUx08Ar3R0WnFp7T4QdhYbFZkVsgLO-lM7qaI-WuduWUVtM4qnlXS7d2BICo6q2SM4_wdNaZexmzy7m7E0-r51LvKt3i_-xGldKai61o8W21F0biru3uRjff0tRb39H4fhGe7JL7-F8-i0MdhyAn_gZhl4oAf0dLcncPpVNI_y0oLS-aTlXRaXjopMixGpvwnDN3TZZe-POw5zPge4av2_3tzjmuwHF0-YJ6n9neWxP7nNFNi-06utwx2d7H_g9Rq6TNY-tOEZp7QXRIIAoiSBrXdXk1ymuyCNh8McElOlf9cUvbz89G0PjusfNcMZ2lwthDSvBfjQM-w3spYNMQLkGSn50lTKvLfvUPKB077XCbRn0vLOtofQVqlROlsn24hbt87h-fbKw64fD3RUblZIt5Nhh0DAucAc5r

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galas.te.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 08:00:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: floriya.shop
URL: htts://floriya.shop/access/floriya-galas-desktop.png

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:15:25	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 19:15:22	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 04:36:57	Name: IDE Value: AHWqTUlaPz0Pi338DQSNHQ4IMtA12HdWj4WEZlPwRYj2dVPVGytJf7EVU1qRl6ksKDg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/g/a/galas.te.ua.856045.js(Line 1) Message: [object HTMLImageElement]
console-api	warning	URL: https://cdn.hunterdelivery.com/scripts/draw_script.js(Line 1) Message: NewsHunter: No ad blocks found at the page
console-api	log	URL: https://galas.te.ua/wp-content/cache/autoptimize/js/autoptimize_5f1e78c6bfef0f4940da4da5dc46ca6e.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.mgid.com
c1.adform.net
cdn.gravitec.net
cdn.hunterdelivery.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
eus.rubiconproject.com
floriya.shop
fonts.googleapis.com
fonts.gstatic.com
galas.te.ua
googleads.g.doubleclick.net
jsc.mgid.com
match.adsrvr.org
match.sharethrough.com
maxcdn.bootstrapcdn.com
meteoprog.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r.i.ua
rtb-usw.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.meteoprog.pl
www.meteoprog.ua
x.bidswitch.net
floriya.shop
104.109.78.125
104.16.221.74
104.19.135.78
104.19.217.61
13.248.242.197
142.250.185.162
142.250.186.34
172.217.18.98
185.184.8.65
193.169.80.26
2.19.35.65
205.185.216.42
213.174.135.2
2606:4700::6812:bcf
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:802::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.158.103
35.158.223.21
35.212.212.222
37.157.5.142
49.12.116.255
65.9.77.122
69.173.144.138
88.212.201.198
91.198.36.16
00addc08562b1aefbefb4acb5c1dba2b80ac23f9d68a155e2105503466d526b4
04ba0404847c48e44565414da06679de86c79a18ea385825d0bee742967210cc
088e1508efdbd0d7e4fb1401e7ee28e9c7915be08ed84373c21ac38b4887d8ad
0b0cdca4612b0cc459d227c37b3f71d78317c5157dc9b0a1aa74e677456b8f04
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d8df50007ca8b726f67f6d79f791d552c9b5db80bea08a5cd17772d3882acca
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22ead08ae579c8b9104e50528bd49be03200c71bbe3d2e2b31b1723758e5a660
23f4211aa29c59bfa635430295c5c3170f1ad3c28e8d3394882397c4fa073c5b
3105d92893cacca5fd465e16501ed9110354f4f987a159147e5aa111f656940c
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32059744958ec1b93aa6591c03122900e07f554456ffae05fa0b160f7f38ca2c
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
33d9a547405460b6623a7062b6354f19e0db15ce738c8b2cf918125f81912f10
37ca9cc740166da1304b76bdb8073e95b96403c13677d91bf2d32af0780b0e93
38f758029a63c7c21bd7dd1626e2df249bd23db6042f07492b5220be596dba57
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c0fa73cc96d402fa4602e051f0da4b3f3f87308883f23cbf274c65faa3ea0fc
4cb370195695fcc9fa2897b1d427f7872dc5fd3a139864a955ffef78d3927772
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53978f891af667bc5e9846b1137a631b493e7b6bead1bd958516b8e0b8e69abc
53c77c9edb2cb62d22d0ca5fbd06ca12d9ffd9f44dcfffa5882683bba363d23b
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b1a33a0b4eed00906db63d11e6f887fd9b2de007bac45cbcae582e0e2537fda
5ef9bfa22f071011bec78c36665db4aa2a7462e778d4092383aa205dce98f90f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60595b0572dd80a8ecaa69d98de27678bb357f58188668e7695061bf450aaf6a
62372765835ba10e400607c97119143c904a78e5fbac0646ed655d94eaed0e91
6657836cbc269c01b3c211ce11df9a7331c9309c1b6e50ddfadc068a51df0ada
6665786d9549772afdca63eddde71d5ba86d71bc6441976e928530bf5b0ee1ec
669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
7178421e078ac88a7e5362cf2118d4052488a0fb1a78de01f4d179b9fa8ab7c7
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74e81f09fe25a97bf8e398e0c5f58accd35cb9098189c35f087795a638dc0d8a
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
79420cb1c487791c9f033fbbf728ee65ca2d6858448c1f0a3349719de7612a37
79a70f5bf59b2c17cb4e911b25b663696a1ccaa73da8aec29f7cb67f202eb6f7
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
7cf773d895bb83db1fac454656da06e95b23ec99ba0a3ad427e53c4e70192404
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
864491c24bbb66dbc889dcaf45b7d1db3c9c659410ec6d46ad579ee5a8107e88
8767033f6e4a8c6f3cf3c7c53d4a0ce8023462a3223a9e158710b90ab65d056f
8d662d5e84ca652772fdd5f92edc10b45b20591247517a7af2f430d0484cf291
8dc3e62cc88ec6d55fb9c3498d22708956dcc6aeef2a194ae521fe00b07e360a
9250a69017ebeb23c42f4f352568419ceb02d3d41db91f1fd9ef4a281520a731
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
944c726194a78d792ee95a4cea89781607bbc96274aa6b1cbe978d9e0d2a229c
954f1d109044be4542f9b2df26d40ab6127920c811d274ff7793d33a59927689
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
a0dcd31836e918c0522d9d4a61b3ee6a3b2e780cf1464b8d326b61417b7f89f9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3b98679b5a9262a1282d61d104979c1586b81bfa3623f8873fe02ec2077f407
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5351cc5fcd84ca5f24714cbc76e6b8f4fbf9a73fb9f7491bec0b523d073987e
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6257bde0504427c64b24ca1bb1065b46c23fe50cc50150789ce88501d1e6fc4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1167833660f005150f3bae1868615328d7695b97e2f142dd909aa579c88112
ae9c9246ab911e214b4486c1c297f28883d0dd1d0abd5ee93be11a8cf6250016
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b17c286b073bece17d24ca9607b6fc6a891cb5d87ade655122f1d2611eff7bda
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bec49ed1fcdb0d941470033a1c04a5e1cdb73e768a2374dafb111e915ceb9e4e
bf49d96af5b2de64df2655fa20ee9e8c1e2f811aadfda2249a6f6d416e05f61b
c22b3fd8ca081050398dc1445c3c007d8794ed619369d42baa7f0482c7e866c9
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c83ffb4a24a0d741ca8c2f3d32d6a916f1de1d733d0fe83c6360b1e24f3ecf43
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
caf0b25ad0b3ff3c8b847e6be40885414604a7fb01e43f1b0cc129ec574b7e5f
cc95573ae035117302c674bf6cb959c8f05595bedd8f5748f87625e73051118d
cf881d2a17befdff3cc7aeb0ae0ad19945c811ca00eb5dc09bc52602fb7a27f9
d0ce9716d28d40d3bb8dddc042723d2ef7b5ed9a76e85a39b18796ec36cccb9d
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
de07962c3db454eff893f564b561917d5df4f5ca9b79411e1ba4b7c45b5f796f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60a278b718487f2e052e8a3ec7943911a2b2bab68788449adf21a875d63b70c
ea15b132388777ef66ca87387c0f9d752d30e8f6407da92b25f81faa0067fee9
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f061ed729bcadb88ed0b3f4b7833465f81983ee580c99c82531db51c2944dec9
f12f4b6e185d8fa890d8f1834ba01eea2ee19306a09ed66f9ecba5c4c476e19e
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
f9061a8c7f9d1c40f9ce5ebb84ff3f258dfd22904e545d55bdcf51334ef151f3
fb89831c47840d57bc19e6760efdcd38ab088a918e9c12b0333ec14c9fde77e2
fc3de38ab37481bfe81f90cc9a31c37dc803ba82f166627da08451c626a6a510
fc987db3beed6cd2ad4fa288cae6d285331c637ea9b045ac7ae001cee074ae9c
fcec60f82b171fd07868a8985447ba3089f5a2022fb587b50ad05dbd3dbed2a3
fd8ebe07934051c57b31381d78fb64d50234dc50df22838062366b6b04f19062

galas.te.ua Open in urlscan Pro 193.169.80.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

99 %HTTPS

48 %IPv6

31 Domains

45 Subdomains

35 IPs

7 Countries

1546 kBTransfer

3079 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

galas.te.ua Open in urlscan Pro
193.169.80.26 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

99 %
HTTPS

48 %
IPv6

31
Domains

45
Subdomains

35
IPs

7
Countries

1546 kB
Transfer

3079 kB
Size

3
Cookies

122 HTTP transactions
2 data transactions