urlscan.io logo urlscan.io
SecurityTrails logo

ab.ua Open in urlscan Pro
2606:4700:20::ac43:491c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ab.ua/
Effective URL: https://ab.ua/
Submission: On October 22 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 10 countries across 36 domains to perform 245 HTTP transactions. The main IP is 2606:4700:20::ac43:491c, located in United States and belongs to CLOUDFLARENET, US. The main domain is ab.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time ab.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.31.142.134 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
1 75.2.35.182 16509 (AMAZON-02)
13 2600:9000:226... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.233.41.109 200000 (UKRAINE-AS)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.136 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.53 16509 (AMAZON-02)
2 45.133.44.3 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a0c:5c81:514... 55081 (24SHELLS)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.63 16509 (AMAZON-02)
1 18.66.147.116 16509 (AMAZON-02)
1 35.214.174.31 15169 (GOOGLE)
2 2 52.59.108.23 16509 (AMAZON-02)
2 62.149.1.122 15497 (COLOCALL ...)
1 9 54.38.197.123 16276 (OVH)
2 104.16.57.101 13335 (CLOUDFLAR...)
33 2a00:1450:400... 15169 (GOOGLE)
1 5 185.184.8.90 204995 (RTB-HOUSE...)
1 1 142.250.181.226 15169 (GOOGLE)
3 77.123.132.26 35680 (VOLIA)
3 2a00:1450:400... 15169 (GOOGLE)
6 35.157.246.167 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
1 51.38.120.206 16276 (OVH)
1 35.244.159.8 15169 (GOOGLE)
1 182.161.74.18 55569 (CRITEO-AS...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 216.52.2.30 30282 (AS-INAPCD...)
4 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 142.250.186.162 ()
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 ()
245 50
37    2606:4700:20::ac43:491c (United States)

ASN13335 (CLOUDFLARENET, US)
ab.ua
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.31.142.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-142-134.cloudipsp.com
api.fondy.eu
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
27    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
1    75.2.35.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6f8ea0b1ff710b40.awsglobalaccelerator.com
static.server.retentioneering.com
13    2600:9000:2261:4e00:a:7aac:6200:21 (United States)

ASN16509 (AMAZON-02, US)
d1672trkrgk4ug.cloudfront.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    185.233.41.109 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: web620.default-host.net
ulf24.com
11    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
2    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
1    18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net
vars.hotjar.com
1    35.214.174.31 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 31.174.214.35.bc.googleusercontent.com
csync.loopme.me
2    52.59.108.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-108-23.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
9    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    104.16.57.101 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cloudflareinsights.com
33    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
cm.creativecdn.com
fledge-eu.creativecdn.com
prebid-eu.creativecdn.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
3    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
6    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adtelligent-d.openx.net
1    182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    142.250.186.162 (None, )

ASN- ()
googleads4.g.doubleclick.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (None, )

ASN- ()
mug.criteo.com
Apex Domain
Subdomains		 Transfer
62 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
945 KB
37 ab.ua
ab.ua
881 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net
298 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
25 KB
13 cloudfront.net
d1672trkrgk4ug.cloudfront.net
125 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
111 KB
12 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8894
file.adpartner.pro — Cisco Umbrella Rank: 268032
38 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
433 KB
9 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6415
ghb.adtelligent.com — Cisco Umbrella Rank: 6449
sync.adtelligent.com — Cisco Umbrella Rank: 4288
36 KB
6 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155
746 B
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
cm.creativecdn.com — Cisco Umbrella Rank: 8363
fledge-eu.creativecdn.com — Cisco Umbrella Rank: 18729
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233
3 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
www.google.de — Cisco Umbrella Rank: 6045
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
186 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com
7 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
282 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 789
vars.hotjar.com — Cisco Umbrella Rank: 916
69 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
195 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1116
cloudflareinsights.com — Cisco Umbrella Rank: 1110
6 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
57 KB
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
162 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
2 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
1 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 31427
102 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
738 B
1 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 27311
583 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
352 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
689 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
64 KB
1 ulf24.com
ulf24.com
1 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1140
43 KB
1 retentioneering.com
static.server.retentioneering.com
markup.server.retentioneering.com Failed
33 KB
1 fondy.eu
api.fondy.eu
7 KB
0 finup.lv Failed
connector.finup.lv Failed
245 36
Domain Requested by
37 ab.ua 1 redirects ab.ua
33 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
ab.ua
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
26 pagead2.googlesyndication.com ab.ua
www.googletagmanager.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
file.adpartner.pro
googleads.g.doubleclick.net
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
www.googletagservices.com
13 d1672trkrgk4ug.cloudfront.net ab.ua
12 s0.2mdn.net ab.ua
s0.2mdn.net
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
11 www.google.com 2 redirects ab.ua
www.gstatic.com
www.google.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
ab.ua
9 a4p.adpartner.pro 1 redirects ab.ua
a4p.adpartner.pro
6 c2shb.ssp.yahoo.com ab.ua
6 securepubads.g.doubleclick.net ab.ua
securepubads.g.doubleclick.net
5 fonts.gstatic.com www.google.com
fonts.googleapis.com
5 ghb.adtelligent.com ab.ua
5 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 www.facebook.com ab.ua
3 fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 file.adpartner.pro a4p.adpartner.pro
3 connect.facebook.net ab.ua
connect.facebook.net
2 gum.criteo.com 1 redirects static.criteo.net
2 googleads4.g.doubleclick.net ab.ua
2 static.criteo.net player.adtcdn.com
ab.ua
2 hbopenbid.pubmatic.com ab.ua
2 fastlane.rubiconproject.com ab.ua
2 creativecdn.com 1 redirects ab.ua
2 cloudflareinsights.com ab.ua
2 sync.adtelligent.com player.adtelligent.com
ab.ua
2 rtb.mfadsrvr.com 2 redirects
2 player.adtelligent.com player.adtcdn.com
ab.ua
2 player.adtcdn.com ab.ua
2 www.google-analytics.com ab.ua
a4p.adpartner.pro
2 fonts.googleapis.com ab.ua
googleads.g.doubleclick.net
1 mug.criteo.com
1 ap.lijit.com ab.ua
1 prebid-eu.creativecdn.com ab.ua
1 bidder.criteo.com ab.ua
1 adtelligent-d.openx.net ab.ua
1 onetag-sys.com ab.ua
1 fledge-eu.creativecdn.com creativecdn.com
1 cm.creativecdn.com creativecdn.com
1 cm.g.doubleclick.net 1 redirects
1 csync.loopme.me player.adtelligent.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de ab.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.hotjar.com www.googletagmanager.com
1 stats.g.doubleclick.net ab.ua
1 www.googletagmanager.com ab.ua
1 ulf24.com ab.ua
1 static.cloudflareinsights.com ab.ua
1 www.googleoptimize.com ab.ua
1 static.server.retentioneering.com ab.ua
1 api.fondy.eu ab.ua
0 markup.server.retentioneering.com Failed ab.ua
0 connector.finup.lv Failed ab.ua
245 57

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.fondy.eu
GoGetSSL RSA DV CA		 2020-08-13 -
2022-11-11		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.server.retentioneering.com
Amazon		 2022-02-25 -
2023-03-26		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
www.ulf24.com
R3		 2022-10-06 -
2023-01-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
player.adtelligent.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
adpartner.pro
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://ab.ua/
Frame ID: AE3B0859CBD8321C88D2821B49A8A617
Requests: 120 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Frame ID: 0024057FA4926225159E776C8E91B12A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/zrt_lookup.html
Frame ID: B44A5875DD5BE48CC0C3930FA1B8E476
Requests: 1 HTTP requests in this frame

Frame: https://ab.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666454400
Frame ID: 985FF9F5954E070102F7409634006B2D
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AC7AC64F0A9C929AEC8F5F5587DF3FFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7510457504943044&output=html&adk=1812271804&adf=3025194257&lmt=1666460407&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fab.ua%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460407425&bpp=4&bdt=1417&idt=107&shv=r20221019&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6250335817982&frm=20&pv=2&ga_vid=2133675183.1666460407&ga_sid=1666460408&ga_hid=1563670814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070415%2C44776415%2C44775016%2C44776449&oid=2&pvsid=3474196292401875&tmod=468558536&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Frame ID: 95E6F490E6E7CB9A7E1A2789D11E0AB6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D89045F71FC818AB4D9480A92111B1F3
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: AFDF2699752EF093C11B04626ED0810B
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: 88E8571C04653ECF394CACACD65EC737
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=076d8fd6-40bd-478e-9a8c-ef66a3e5d807
Frame ID: C986A9F1F3BD5BF3BAB794ADA5178C92
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
Frame ID: 92CB0A83AF230E65BB5F119F4D7279B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 221AE78A5AD937ED4BF00594044730AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A810A5DC389A9D42C04CB325D3D7E0B5
Requests: 2 HTTP requests in this frame

Frame: https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=4xLbiX-rHkm8rHIfZ4KDJwQPnvlQKTCXSUolQsnLZ-qkoDYF08LIbRB5ZZiFu7XfarlptIhM5jTKIpGV9v0YOg
Frame ID: 0C38B041989ECD79F3E07937BD564BF0
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&site_visited=1&location=https%3A%2F%2Fab.ua%2F&referer=
Frame ID: 9A6F8580AA01C8184711765A86E7396E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=7742&bannerNum=88767903299972620&apuid=bc49d80b-1d71-4757-8307-ba7fd1245c5f&session_pageview=1&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&site_visited=1&location=https%3A%2F%2Fab.ua%2F
Frame ID: E3976A5E2E9B44E884D7B8E3B6A1C94E
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b867668e-ec2e-4047-a84d-d4efd7219121%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2295506%252C%2522rule_id%2522%253A209476%252C%2522show_id%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%257D%255D%252C%2522unit_id%2522%253A7742%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fab.ua%25252F%2522%257D
Frame ID: 128EEDFED2F721D367FF7C644366572F
Requests: 1 HTTP requests in this frame

Frame: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E52713E4BC1519045E56A9528AE6D9A1
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2295/2295506/ab.ua_160x600_br1.html?content_width=1100px&background_size=1920&top_padding=49&side_width=250&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fbackground_empty.jpg&unit_num=7742_88767903299972620&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7742%2F2295506%2F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D4a9d62a7e3dae0998fe7caa0defffe17
Frame ID: 675FF2DE1515E9607705D3091CF25B96
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b867668e-ec2e-4047-a84d-d4efd7219121%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2295506%252C%2522rule_id%2522%253A209476%252C%2522show_id%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%257D%255D%252C%2522unit_id%2522%253A7742%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fab.ua%25252F%2522%257D
Frame ID: 43336A25C6B24B46191C23FC56D5E7F7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b867668e-ec2e-4047-a84d-d4efd7219121%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2295506%252C%2522rule_id%2522%253A209476%252C%2522show_id%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%257D%255D%252C%2522unit_id%2522%253A7742%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fab.ua%25252F%2522%257D
Frame ID: C09AE8634B597DEE20131E1DBA24F537
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Frame ID: 19D192A60F22EDA15F093A5F42F7E1AB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Frame ID: 63AADB565905F5FD5DCB080601F68567
Requests: 17 HTTP requests in this frame

Frame: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D113EDD366CC9EBA3807960171BF9B1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 12AD200A2A5D1A7F2901276216811280
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html
Frame ID: 7E2D03CF454F58A761E5F09147674747
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 59F61FE55362E5DBD61176C18D265E77
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: 87CC762893D48DC05F7BDC206AA96EEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: BC21F39ADCA62AE901BC5B0B76DD7F14
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71E6BCFBDFC6575F4E43D0A07ADB8483
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C245546ABD9A1B6DB060224CB4FA006
Requests: 2 HTTP requests in this frame

Frame: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8D97B3851FFC4F18868BB54D993BEFD8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYlLeOzAEwAQ&v=APEucNVnAJtad59xkEFSgDetrZmRl55Cp-sf7XWzkJIhp2PN63LjtvLcL7xdSxEgHXA22m4QYE8q5W3TI085kdh0q0qrTFLPww
Frame ID: 85A353CBDD041ECDD74DC052B60951E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E9F4B8536365DD7B530801808AB43AB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
Frame ID: 71D5D33E1F36C8C593EC90CF0156FEF8
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ab.ua
Frame ID: 1248DC918F3DF607B84441FD2949253E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Автобазар Украина. Продажа и покупка авто. Сайт объявлений о купле продаже автомобилей

Page URL History Show full URLs

  1. http://ab.ua/ HTTP 308
    https://ab.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

245
Requests

98 %
HTTPS

53 %
IPv6

36
Domains

57
Subdomains

50
IPs

10
Countries

3694 kB
Transfer

11154 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ab.ua/ HTTP 308
    https://ab.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=076d8fd6-40bd-478e-9a8c-ef66a3e5d807
Request Chain 92
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b867668e-ec2e-4047-a84d-d4efd7219121
Request Chain 105
  • https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518 HTTP 302
  • https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=dEpiSkZqdVVtNWFwOGdrZHF2VlM%3D&pi=adx&tdc=ams&chain= HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPuoJ6RqIRtemRGLs_yFwzs&google_cver=1&google_ula=5153224,0
Request Chain 174
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 191
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 236
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ab.ua&sn=ChromeSyncframe&so=0&topUrl=ab.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=MN2XcnxZTGxXN0g0cDZhRjJoRk5IU2EwSnVvVjhnSTVNbXhNT0xuZUVWdEFWUDY1UUw0ZC8rREFmVHlyMENhendIRFRheW9kQVI4a0hrUm5rbkJwZlkrT2plMzV6UnRMcVZkNGJIM3c1aUY4SUd6WDZCeWlKSFBSd2pqcWdGMS9mRDRJNFhwcHAveE5EZXBFbnQyS3hKekJ3enRTWXF5SERYUUkyNEZCMFUyRmw2MUZ1ZUhxcUluc3NZT0dDVWxub2VBL3pWcnkrdWRPK2VtMDcxVk9COE56NjJUaVp2UEd3VFVTdjVFd1RVTGxaUUFzSFFCNFNaMUpGTDlpQU42Ykd1RlY5c3cvQTJIQkR0Z0hrS2xZaWtmd1pvZz09fA&cppv=2

245 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ab.ua/
Redirect Chain
  • http://ab.ua/
  • https://ab.ua/
165 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99941c10322e74066a3582340c581fc18bc4e9c1be98c46fcad7b457b687b251
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75e404212f0e9241-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 22 Oct 2022 17:40:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
redis
120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8gvHV37TNoZiqC3VG9wdnjSvrVElizPhvjwYDVPyT0eqJzd%2Fzoa3SzcWkeUWIAKqD68YbbtU3CJ%2BpP1bWAp7dit%2Bvvs4e2c3PD5DzdpEZV9%2FuF1%2FvS6QmXOS08GDMsuW4Af"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Accept-Encoding User-Agent

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
75e404206dd3904e-FRA
Connection
keep-alive
Content-Type
text/html
Date
Sat, 22 Oct 2022 17:40:05 GMT
Location
https://ab.ua
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLXufoQ39MqtSGpzq%2FRqpTIr0SOFb1kchZU0ZMoWmojEUsj2X7hROA65%2FJkEeIYR04%2F6UNWYOkXACwaUrVXz3%2BYn5Guu2Giv%2BrqvThGGkEBC4iXQS6KpbBiZJSsdBtGc8RHO"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 15:49:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Oct 2022 17:40:06 GMT
ipsp.js
api.fondy.eu/static_common/v1/checkout/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fondy.eu/static_common/v1/checkout/ipsp.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.31.142.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-142-134.cloudipsp.com
Software
nginx /
Resource Hash
697e83f0eeb5b923627192244d4abfbfebafef8e999996d2eb5ab39a32387d82
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Thu, 19 May 2022 15:52:24 GMT
server
nginx
content-encoding
gzip
etag
W/"628667b8-5f4f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=3600, must-revalidate
x-xss-protection
1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 17:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2287
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 22 Oct 2022 19:01:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99d598ff0575c90b84b191ef61b2115064ca6d88495e90ceb61f2bd26cd6382e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55168
x-xss-protection
0
server
cafe
etag
9008414164398589724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 17:40:06 GMT
leasing-ab-ua.min.js
static.server.retentioneering.com/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.server.retentioneering.com/leasing-ab-ua.min.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.35.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6f8ea0b1ff710b40.awsglobalaccelerator.com
Software
nginx/1.20.2 /
Resource Hash
6922c20b5d19b0f46d7688e7df946fbfdb14b22c9b33783f7f14bad5738f82c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
gzip
last-modified
Sat, 23 Apr 2022 17:34:29 GMT
server
nginx/1.20.2
etag
W/"0c66a23d22db3683be0b7832801a2cac"
x-cache-status
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=12h
vendor.983efe23.js
ab.ua/assets/ 		685 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/vendor.983efe23.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefd57fd837f56de0635ae1097cb9a20ec9db72890fa9c52b8ac7f643aae9a19
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713920
cf-polished
origSize=701521
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"ab451-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DRDKO33aOeMTfxKFRnYVG3OBTm7HElHvsiCbCdnfFjiH0k1YBBx7Zuf80TIw0LHuY3%2BAXbBlLjFQxtfmK7yAooEOTBMwzhqtLJ%2B3CBBAK8YgV0KO7L7GEvfQKVmtyy9xBs4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042238f99241-FRA
30c0804c1d.chunk.js
ab.ua/assets/ 		1011 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/30c0804c1d.chunk.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef53892f8009f2ecd75d403c2c6f3c3e04321dda0c7ce8cc450403def69e7d98
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
302270
cf-polished
origSize=1035394
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"fcc82-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIrwS9vSf%2F04g1dHJmbSdCZRlIYVOBWqfXmjCvOuftsj0nPjrxeRPk3i5vNyPAxUSpT%2FVoYJPM8sPaSIXWMfrUHJqviaXxQ71vLBPeDLtSK10qtLaJCnzVt2BlPJ8PChMpVV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042239009241-FRA
client.f43f55e5.js
ab.ua/assets/ 		423 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/client.f43f55e5.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc498892c93765049dda7d4062a4efc6c84f35d757c88a04aba58dbb3cfde4ca
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713919
cf-polished
origSize=433352
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"69cc8-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZv9LlL9apxbXkWaAh0LVWgo2kdilACGiocZprZBb2UkzbLqVRumJbe8oMMOyzOCAVGElzOPg4rCCP%2F0eNyA%2BwMtnhHeIq4TN0wREJwj%2B%2ByYYzze53ldIsJ%2FRxsDLyAIjfhK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042239029241-FRA
3de37e7e.svg
ab.ua/assets/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/3de37e7e.svg
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1232925018ef5cf84f48bf7bf44eb80ac16f805843d1f317b448fafd44a590
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713956
last-modified
Tue, 04 Oct 2022 20:05:57 GMT
server
cloudflare
etag
W/"2ef8-183a49ae088"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAjOhiDQZnPU5F7ewpxMCwjweFS13FIYiKeyUtC8Z6%2BYefARjhLC88RCKT6d234GaZt%2Fxn10MXw9qhDb4QTQidDm4%2F3wOY9xZ78uLV2zCyhgvDNuCHxNMAjWGjh46rALLni2"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042239039241-FRA
f33d7fc5.svg
ab.ua/assets/ 		388 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/f33d7fc5.svg
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4904699a83e4dba82f725d6861c9cd7828ee4ae6e93d1b91659a500e3652a9e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
713920
etag
W/"184-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTJVsdVSjaZnqiJBX8VdllXHNbG2SrFEPy7tMOvfH1SpUG8w1XVLvVBlsdl3XhX5DVVU8yjtSitzpg6fWeN2kEf8zioBchToSEdOEYfytZlIm%2FO%2FQ32K8RGKkv7aLmx8Uv7X"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042239059241-FRA
eyJrZXkiOiJvcmlnaW5hbC8wODRiZDZmYjg0NjM0MzY1ODJkYTE5MmY3YTE1NjJhNS5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC8wODRiZDZmYjg0NjM0MzY1ODJkYTE5MmY3YTE1NjJhNS5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
107a61a38acf30e247d685f957b6ca36bc84654cace1a74a2ac7218caf527d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:49:27 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
107439
x-amzn-requestid
03982fd2-0d5e-4668-ba47-27c9458e3d69
x-cache
Hit from cloudfront
x-amz-apigw-id
aWoTNGbXliAFvyg=
content-length
7410
last-modified
Fri, 21 Oct 2022 07:15:00 GMT
x-amzn-trace-id
Root=1-63528747-30b727c2631273e935d50c39;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
s-TQ07Z3YFv8WTwaAZ4LxZhRThF6dJf5Poz_hu5ZAi9NFcPmfXdJbQ==
eyJrZXkiOiJvcmlnaW5hbC85YzJhNTNlOTA3OGE0ZDU2YWRmOTdhYTkxMzQwZWQ3Yy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC85YzJhNTNlOTA3OGE0ZDU2YWRmOTdhYTkxMzQwZWQ3Yy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f057f2b214c11c8d2a64b492d7060d588c04bd0d2e5a579d5b0081943cfcf924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:49:28 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
107438
x-amzn-requestid
c6d6ae5d-9fef-4ea7-bdba-bcd3cb4db7b7
x-cache
Hit from cloudfront
x-amz-apigw-id
aWoTUHKzliAFeLg=
content-length
9552
last-modified
Fri, 21 Oct 2022 07:13:48 GMT
x-amzn-trace-id
Root=1-63528748-39fecadc3db781cb790d1367;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
_-Bd8li8Do8o7WdOPcq7MIBz-me2Jwp8p8qx8zsK7EbI_YFNMBlm_Q==
eyJrZXkiOiJvcmlnaW5hbC9jZDY3NmYwN2M3MDQ0NjY4YjliMDYzYjRmMmZlOGU0OS5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC9jZDY3NmYwN2M3MDQ0NjY4YjliMDYzYjRmMmZlOGU0OS5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e092a4162772b3d96b51b47055634661753e7d621aa8b055208abb9a55194fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:49:28 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
107438
x-amzn-requestid
a0f74d15-4584-4bf7-b9fd-317531d0b82f
x-cache
Hit from cloudfront
x-amz-apigw-id
aWoTRHSOFiAFpIg=
content-length
9590
last-modified
Fri, 21 Oct 2022 07:14:36 GMT
x-amzn-trace-id
Root=1-63528747-58e33c1d5f69ac643c08b3ab;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
72ttrkhe3RQa2eAO5MU3vPP1XyQ9mtLRK611NKLvGXunKZ3YorTH0g==
eyJrZXkiOiJvcmlnaW5hbC8yZmRiMzE0NzQ1ZTg0ZjA3YjkyMDA0MDdhODZlYWVkNi5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC8yZmRiMzE0NzQ1ZTg0ZjA3YjkyMDA0MDdhODZlYWVkNi5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
439c5e35c4416eab3a146aef5df911fa424dd621ce7a974a4a5d034a53c35502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:49:27 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
107439
x-amzn-requestid
852ba626-3c31-43d9-ae85-d93cd80aa132
x-cache
Hit from cloudfront
x-amz-apigw-id
aWoTNG-zliAFQVw=
content-length
9292
last-modified
Fri, 21 Oct 2022 07:12:44 GMT
x-amzn-trace-id
Root=1-63528747-245fcbf2212602f90b6b16e3;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
LKDlHYq3TuZtrZQ_qYOBZ7yrmagIHy38sByCmCHQTTQahMjMlD-7Gw==
eyJrZXkiOiJvcmlnaW5hbC82NzNiN2UwZGJlODA0MzgyYWUzMzEzM2Y0ZDMyZjUwMS5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC82NzNiN2UwZGJlODA0MzgyYWUzMzEzM2Y0ZDMyZjUwMS5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e907aa8982cc6fa6303938b9b89bd447afe611a1169d030479c8ac6114d49ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 15:42:32 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
1130254
x-amzn-requestid
01b956cf-0692-47e9-8026-74ca977c1ab6
x-cache
Hit from cloudfront
x-amz-apigw-id
ZvnMTEcOFiAFpng=
content-length
6992
last-modified
Sun, 09 Oct 2022 15:11:54 GMT
x-amzn-trace-id
Root=1-6342ebe8-50571fe05d1ec1a31f3d46f4;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
Lk2GjHXOvLoSKrLL9bOs7sPDG-bAKfD-T-CIhcvebkrYxWRRpPnZZA==
eyJrZXkiOiJvcmlnaW5hbC9lZmRiMDMzNmYxOWQ0ZDg0OTUzNjU5YWI2YmVhNDdhMy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC9lZmRiMDMzNmYxOWQ0ZDg0OTUzNjU5YWI2YmVhNDdhMy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d4a14f6194b873be7dbea5acb594401ac53cf9a19c6404d6358d44f37c35f34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 05:28:08 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
1080718
x-amzn-requestid
029b1bf3-ee9f-4aef-98e7-ef0fe1e65ac1
x-cache
Hit from cloudfront
x-amz-apigw-id
ZxgIWFEOliAFQ5Q=
content-length
7146
last-modified
Tue, 21 Jun 2022 12:39:59 GMT
x-amzn-trace-id
Root=1-6343ad68-2e51c20e47bfb2bb178bc29a;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
4Knnj7_KX7gLwju0SoPcJaUFiZbuR7E1MGXIfQ0zWTwAfKQQcqh83Q==
eyJrZXkiOiJvcmlnaW5hbC82MjQxYWI3NzA1OTk0NmJiOWFkMzkyNjdjOGIwNjBlNi5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC82MjQxYWI3NzA1OTk0NmJiOWFkMzkyNjdjOGIwNjBlNi5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f91b9bad5439bf39ae22c14749bf629274ede96f94271a54552eb226ac164e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:49:03 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
877863
x-amzn-requestid
3325d552-296c-4425-8169-4fd837acb993
x-cache
Hit from cloudfront
x-amz-apigw-id
Z5PYdE6TFiAFRKw=
content-length
8166
last-modified
Wed, 12 Oct 2022 13:38:12 GMT
x-amzn-trace-id
Root=1-6346c5cf-27ec9fb05987c1b65eec4a2a;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
AOqclBDSDRB0s6qLvOi_9pRc3zrFqZ7y07hsNcL1HEUxZJhI3zcARg==
eyJrZXkiOiJvcmlnaW5hbC9lY2UzNzg4OWRmZGU0YzgzYTk3MWMwZDIyN2EwNDMyYy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC9lY2UzNzg4OWRmZGU0YzgzYTk3MWMwZDIyN2EwNDMyYy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4a6fdbb924528e90f917ed7e9d608acd4d7fd3a66432c1782e3c03d25a6fefe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:29:53 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
184213
x-amzn-requestid
3a178b0f-a632-4116-9958-02e1bb8e6088
x-cache
Hit from cloudfront
x-amz-apigw-id
aTs3UEwDliAFs9g=
content-length
11732
last-modified
Thu, 20 Oct 2022 14:00:56 GMT
x-amzn-trace-id
Root=1-63515b61-07ed88d87a733fd411a7355b;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
55HwlZXI9Dhe2ny1EPaqwVN3c5zKucZcZUHdK8SDDuYvxp8fcAJqRw==
eyJrZXkiOiJvcmlnaW5hbC82MmEyY2JkMGY2ZTY0YTRmOGQ2Mzk5MDRlMzBjNjViNy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
d1672trkrgk4ug.cloudfront.net/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJvcmlnaW5hbC82MmEyY2JkMGY2ZTY0YTRmOGQ2Mzk5MDRlMzBjNjViNy5qcGciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjIzNywiaGVpZ2h0IjoxNzAsImZpdCI6ImNvdmVyIn19fQ==
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d524bb52c9c0184810b79cabad5acfcf380211b7beec5145755951d88f1630d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 11:38:35 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
712891
x-amzn-requestid
302d2378-21a7-4952-8ee2-8a5c0f57de13
x-cache
Hit from cloudfront
x-amz-apigw-id
Z_iJTGDHliAFcGQ=
content-length
9198
last-modified
Fri, 14 Oct 2022 11:01:23 GMT
x-amzn-trace-id
Root=1-63494a3b-1e3ce06c69b4d9d713c64479;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
a3PpzpokaFEJPWTCEPySqDqh59YBjONEVWj0dBziMf1m9g-XVNiY_w==
email-decode.min.js
ab.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Oct 2022 15:26:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634ec5bc-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Vl14p7m69xTqP8u4VYUV1W9iTG%2Bmsb9Ix4xrH3qQe%2BIlO5JfU74TMs77EZxebBS5QWlsL4aMoG5y8YSIY%2FadDPT3M%2FtGKq11KQGcJwHPYUClMZLX6sCOBZbzOkVh8s%2FF%2FlS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75e4042218d29241-FRA
expires
Mon, 24 Oct 2022 17:40:06 GMT
connector_6eca6bd211524687.js
connector.finup.lv/ 		0
0
gpt.js
ab.ua/ads/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/ads/js/gpt.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa9adaf81eb092f6caa8e2d0e736d9ed1933f669388d163bc8ef6b874aa02572
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713918
cf-polished
origSize=2046
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 19:50:12 GMT
server
cloudflare
etag
W/"7fe-183a48c7520"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xstiaUH3M75x0IbkNEX4xTqYwpcFeZ1%2BLwmcGODDIxovjy7ViuYRt6Aue38EifWZ%2BIyuMZpXqxM7wy8DjsCRbegS9D4naupcwtkotOQUOdRxX9BblojyzfCTvlQiGlQ9oUGz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042239069241-FRA
optimize.js
www.googleoptimize.com/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5KQNWP4
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6cd69acee0583161d938de5d4483723232058798645f84d25b5abb2bb26d2daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44056
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 22 Oct 2022 17:40:06 GMT
beacon.min.js
static.cloudflareinsights.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
75e404231df46983-FRA
hapai-autobazar-get-annual-full.js
ulf24.com/scripts/calc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulf24.com/scripts/calc/hapai-autobazar-get-annual-full.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.41.109 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web620.default-host.net
Software
nginx /
Resource Hash
f5f5f88babf28610d0b32539c16346222ca92fa5432b898b89cedb40830f081c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
x-ray
wn4774:0.000/
content-encoding
br
last-modified
Wed, 08 Dec 2021 13:21:24 GMT
server
nginx
etag
W/"61b0b154-c4a"
content-type
application/javascript
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ca5d609f7052e219cc38b473f04df801fb18a3d60121c0ba2ead898e03e2cac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 17:40:06 GMT
gtm.js
www.googletagmanager.com/ 		205 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M9TS5V
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8effdecce03465ad3d21afaeb678625930e4e3f46de1064a2e7e2d591218e2fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65049
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Oct 2022 17:40:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Oct 2022 17:40:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
p+naTiiAZpg4fSf5P1Q1O0rPyVMsfXStmu1B5SY3TpRwbdlnxubBlo5InOKFOwRTQAAYfaGhdsenYsFjFBrzQg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
583766ba.svg
ab.ua/assets/ 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/583766ba.svg
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3d0fd852e148833f62ecf97593cbdcbbc668445dd77353eb39533482b090d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
713916
etag
W/"59ba-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxbQtLcPyvZWj40gPJ3zEydtsQV1Epcobb6M3iYdnVfZ4nWn6yY1uFiijHawZiPJNVLs3vV6aVx%2BRyF4hQV%2F60tK4mTlAv5J0WbgoDvTzIv%2BVuVQAKhceJQQV9aSpJpY%2Bank"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042299a69241-FRA
styles-client-f83265f81149b717d9d252328f93d461.css
ab.ua/assets/ 		539 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/styles-client-f83265f81149b717d9d252328f93d461.css
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f1408c57b4de7184ed1b90f6dbc0a24ec7759b68eceee9f7184856b6b2eb83
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713920
cf-polished
origSize=552947
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"86ff3-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSsXT5oYSat2Y8K1BYUKPh1H3sMSormoFSwfQLAnTMQTRzw3AMcj5ySaNgCHUtC0YdpF4b%2BdNJJae5EgCW5yq3Yt%2FfangDq6EmtZR0ZFJ%2BYv6XBn3fsExNnm%2FuSKVKonOqa7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e4042299a79241-FRA
ebaf9439.png
ab.ua/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/ebaf9439.png
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0000654a8883e04eaee55c2ff2cc6fe5b00cd1bf3a8e152d9af73159ce23cfff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
708954
content-length
2311
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"907-183a49c8280"
vary
Origin, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GGsMhOyeMORUjcIH8YXTHmhBp%2BzAuf4T1HPRz3%2FUHuUR5e1zR%2BSCtVnxLbywD1sg6sDw9JkqElLpeZJL66crHOIr0RjnK%2Fvy8ZJQSrtHCnL953bfsb0jzktUbFp3Cu3yh5m"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e4042299a89241-FRA
cf9c23cb.png
ab.ua/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/cf9c23cb.png
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a0a9d32817f8befa7b26ae9e17761984c306e56d74ad1588e34f73cc168ede
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
390392
content-length
2098
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"832-183a49c8280"
vary
Origin, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scvN6lA9Nz4KXa%2Bja508Hlz90EsPsMLIaNKyDAk4yMkSWUIHzMTTNE1esrXPpvYphOZDCUP4ub8Stw7r7s2lVY%2BDgZjD70C8RzYL5KiXyQVPO%2Bx%2F3iR8wSCxstO17V1VaePa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e4042299a99241-FRA
f0e107c3.png
ab.ua/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/f0e107c3.png
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d243988f1bf9d3b8a31b27771a9b737e1f47af4759b104ad4b006a40b0b5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
390392
content-length
2179
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"883-183a49c8280"
vary
Origin, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRGaCvGi8KZ0nPqQEb87Q2SLvl2F6nEqSTB3%2BCrMeJ9a%2FA9RwPFX8xNAyih%2Br84UhJ2dCnHDff7Xwp9mj4Y8itzE8SMEK%2FO%2FAJ9hjEB50yt7%2FBReMb8Vm%2FBEEWrA3pycx4fF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e4042299ab9241-FRA
84442870.png
ab.ua/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/84442870.png
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76f7cd9fe750fc73e726eb1b46dc55ea436bc15b7116efe9b47b2d1b8b53edc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
708954
content-length
2351
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"92f-183a49c8280"
vary
Origin, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4PVrCkE5tH2AoEWypnvpCUsyVm9IboTJzsmuco0VgYuxkOM4aq2bDeDiBJucuvrEUIWwa%2FAzFxVFfj0TydsdtNBlRIKr36Kd%2B4lzxdPC7Z8fC5dfFbfbadmSbW%2FuJIGYvM%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e4042299ac9241-FRA
f1fe6b35.png
ab.ua/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab.ua/assets/f1fe6b35.png
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721059d676a3946b8b3ee73aa2f3740a1c9fba1d803306d731a561cf38682862
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
708954
content-length
2822
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"b06-183a49c8280"
vary
Origin, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcptwDaAG4630hn0SyojXqXrq3AlIIbZGbPICZAX6neTdvPFZPQuI68RSWDxUqrl1cVzi48hXXLVgy%2FX6XULLFO0K8nGHWrgd305gC2APeGzpCpxzYKdX6WQgJJUh3v9lvLW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e4042299af9241-FRA
eyJrZXkiOiJibG9ncy9zdGFydC1zZXJ2aXNub3lpLWFrY2l5aS12aWdpZG5lLXZpZC1yZW5hdWx0LmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjQwLCJoZWlnaHQiOjIwMCwiZml0IjoiY292ZXIifX19
d1672trkrgk4ug.cloudfront.net/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJibG9ncy9zdGFydC1zZXJ2aXNub3lpLWFrY2l5aS12aWdpZG5lLXZpZC1yZW5hdWx0LmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjQwLCJoZWlnaHQiOjIwMCwiZml0IjoiY292ZXIifX19
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
83eb0b5622b7769d24bbe8293c1429913d0910add83fec0afc3246bb9b555bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:08:38 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
379888
x-amzn-requestid
bcc918ff-56f9-44c7-b715-a136ae9ad9a0
x-cache
Hit from cloudfront
x-amz-apigw-id
aMPJGHHIFiAFpLQ=
content-length
11670
last-modified
Tue, 18 Oct 2022 08:07:09 GMT
x-amzn-trace-id
Root=1-634e5f06-70c552104f42285f2f79f79d;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
AatIIRyn-xWcHaGQz6Iq9dSeTS9ftgL1EFQge3EQO9TeJEnqlSd2SA==
eyJrZXkiOiJibG9ncy91a3JhaW5za2F5YS1rb21hbmRhLXZ5c3R1cGl0LW5hLTEwLWNoYXNvdnloLWdvbmthaC1wZXRpdC1sZS1tYW5zLmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjQwLCJoZWlnaHQiOjIwMCwiZml0IjoiY292ZXIifX19
d1672trkrgk4ug.cloudfront.net/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJibG9ncy91a3JhaW5za2F5YS1rb21hbmRhLXZ5c3R1cGl0LW5hLTEwLWNoYXNvdnloLWdvbmthaC1wZXRpdC1sZS1tYW5zLmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjQwLCJoZWlnaHQiOjIwMCwiZml0IjoiY292ZXIifX19
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6e1faada6818ab9b8f072a0d42e2d658a344a420fa8a5e93d9949852cc4e6796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 12:34:47 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
1227919
x-amzn-requestid
3ea96fd2-e48a-4ead-9528-4df7c0e274a0
x-cache
Hit from cloudfront
x-amz-apigw-id
Zr4wJFrPFiAFQ-A=
content-length
10170
last-modified
Sat, 08 Oct 2022 12:33:15 GMT
x-amzn-trace-id
Root=1-63416e67-0a9cba90240e84bd07fcdb58;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
28rC_69yUWqN9zJ_zcyroW3zJS5xc3xWppTo9YvNsTD-w_k7s_HVqQ==
eyJrZXkiOiJibG9ncy9wb3JzY2hlLXRheWNhbi1jcm9zcy10dXJpc21vLXByZXplbnRhY2l5YS11bml2ZXJzYWx1LXZpZC1wb3JzaGUuanBnIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoyNDAsImhlaWdodCI6MjAwLCJmaXQiOiJjb3ZlciJ9fX0=
d1672trkrgk4ug.cloudfront.net/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJibG9ncy9wb3JzY2hlLXRheWNhbi1jcm9zcy10dXJpc21vLXByZXplbnRhY2l5YS11bml2ZXJzYWx1LXZpZC1wb3JzaGUuanBnIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoyNDAsImhlaWdodCI6MjAwLCJmaXQiOiJjb3ZlciJ9fX0=
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fd998b5850949085d1b4a6b7bee50529388c2552bd1482ba96fd5040bcd28869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 11:51:52 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
9265694
x-amzn-requestid
275c012a-f32d-4375-9333-a0ea3419ce3a
x-cache
Hit from cloudfront
x-amz-apigw-id
U5RRyEaHliAFgkg=
content-length
11158
last-modified
Thu, 07 Jul 2022 11:37:34 GMT
x-amzn-trace-id
Root=1-62c6c8d8-25ecb855646f75674cf17411;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
wjKQM6Uc115vV0aBdREhDj6CNJfz34QChQFnyqrs4tpgH9DSySZYrA==
eyJrZXkiOiJibG9ncy92c2UtcHJvLWJ1LXZ3LXBhc3NhdC1iOC1pei1ldnJvcHktc3RvaXQtbGktcG9rdXBhdC1wYXNzYXQtYjguanBnIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoyNDAsImhlaWdodCI6MjAwLCJmaXQiOiJjb3ZlciJ9fX0=
d1672trkrgk4ug.cloudfront.net/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1672trkrgk4ug.cloudfront.net/eyJrZXkiOiJibG9ncy92c2UtcHJvLWJ1LXZ3LXBhc3NhdC1iOC1pei1ldnJvcHktc3RvaXQtbGktcG9rdXBhdC1wYXNzYXQtYjguanBnIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoyNDAsImhlaWdodCI6MjAwLCJmaXQiOiJjb3ZlciJ9fX0=
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:4e00:a:7aac:6200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7297b79170bb0b71d01696205cafc661bb21045047f0becc3d88fc34ef0e4dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 12:07:54 GMT
via
1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
8832732
x-amzn-requestid
b5b78cae-6f85-4f32-b988-ec3103c34fc1
x-cache
Hit from cloudfront
x-amz-apigw-id
VJyUNEuyFiAFeQQ=
content-length
9016
last-modified
Tue, 12 Jul 2022 12:07:35 GMT
x-amzn-trace-id
Root=1-62cd641a-4d0dd1f1233fbb89726a37da;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
bywEDiVqkPgCDUSIIAjsVYJzVEygmpixCDTnu_Xkp8J8P-NEBVUB2A==
af7ae505.woff2
ab.ua/assets/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/af7ae505.woff2
Requested by
Host: ab.ua
URL: https://ab.ua/assets/styles-client-f83265f81149b717d9d252328f93d461.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ab.ua/assets/styles-client-f83265f81149b717d9d252328f93d461.css
Origin
https://ab.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
714300
content-length
77160
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"12d68-183a49c8280"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6TLa1RH%2BHpQwcgHjJlN7hWzqHMhQPP6yUvX3O4yAgVWx0JDk6I0YGpk6s%2FuI1e8kZrhSAXU5%2FcthCWSVRjh7gHIzK97wLyxiTVxo%2B5Toxl5KHAzC6gLuHBFjcUofRBfmf4l"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://ab.ua
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e404238b5e9241-FRA
expires
Sun, 13 Nov 2022 11:15:06 GMT
613039182520011
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/613039182520011?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9292f1d224e23eb1cbfd66f8284ae33fcf8c17611f1a08547c52c967f81b4d7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Oct 2022 17:40:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
uYbt0FMAE8ALHCN+UPQOfKSEpNDkY1aW+a9W7/6H6fWaYG5mVEqTnYt/qe+bOBNtsKZ0Ixk7no9bpjmTnGv/xQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Origin
https://ab.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 14:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 14:26:03 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=613039182520011&ev=PageView&dl=https%3A%2F%2Fab.ua%2F&rl=&if=false&ts=1666460406530&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666460406528.162475577&it=1666460406416&coo=false&rqm=GET
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Oct 2022 17:40:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
anchor
www.google.com/recaptcha/api2/ Frame 0024 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
70c2c548be1c6c2cc8bd40d0f4e8cfe8e819ab36305fe4af5edb3f5b764010db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8GTlT8KBmWRLVO_-yGJqvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22258
content-security-policy
script-src 'report-sample' 'nonce-8GTlT8KBmWRLVO_-yGJqvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/ Frame B44A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:46:22 GMT
etag
9671129459699598864
expires
Fri, 04 Nov 2022 19:46:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4849a01734.chunk.js
ab.ua/assets/ 		208 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/4849a01734.chunk.js
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3869c8390e98c318a0f86bbb9dbf5949bb3ab162eb7eec743051433c427d8e1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
714301
cf-polished
origSize=213244
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"340fc-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e854Xez60ITAk5kRvfI3jjZ4wM99%2Fz7f%2F9KDEPF8skgX7wExdiwWjjYHQldU6DcQ9AWQsSDee9bej3j3JLQ4VuRU%2Br00I2W43wwYgc3MAmzsprQsQ8aKrzUCQJuiGvNazHv6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e404286cc79241-FRA
hb_305157_6807.js
player.adtcdn.com/prebidlink/462905/ 		339 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/462905/hb_305157_6807.js
Requested by
Host: ab.ua
URL: https://ab.ua/ads/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54dd45bea4857cf125bc57cbbcbe76bd57ec00568de465f90813b989e210a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 15:59:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132
etag
W/"634ecd79-54ad1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ%2BO2%2FkSrDCiib3Kilc0fPlptJtfD1fRPp5kn3fOUWDDf8POooKvzYTDf%2FJqhmJsh20YhL%2FuEUv5RAZ2aPlelLlhtReB3d2oGg%2B4EAa5yDcBg1IHGgSwwphtUDx%2FwzZE9Pcah6j28rzfmuFCvbpSMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
75e404295f50906c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Oct 2022 17:52:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ab.ua
URL: https://ab.ua/ads/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a33d903bf93c65fb23bbeca706ca3d5986b28a256207b89a4b922f37358de5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27348
x-xss-protection
0
server
sffe
etag
"1371 / 89 of 1000 / last-modified: 1666390018"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Oct 2022 17:40:07 GMT
wrapper_hb_305157_6807.js
player.adtcdn.com/prebidlink/462905/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/462905/wrapper_hb_305157_6807.js
Requested by
Host: ab.ua
URL: https://ab.ua/ads/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b26cf244d276d1ec0cf629e08a400ac21944ecfe64ce53acedeab749a49779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 17:00:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132
etag
W/"63517e96-6c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owm%2FKR8l%2FXYa2zF%2BPa3x65eDp4jvUC9z9N%2BFmpRAK%2FCIFoVrjWYujYAMIgABkUUYSVkdJcpBljJKrPAJjAE62PvQBRySMOdqMx5wmx0FgnEA9TU7LWHVGH430rFvb28EBCdjlZRnU0c1xFljJ%2B%2BCVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
75e404295f54906c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Oct 2022 17:52:55 GMT
collections
markup.server.retentioneering.com/api/sites/10/ 		0
0
invisible.js
ab.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 985F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666454400
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06052921b1401a415914b59f82b0e37fb3dfe60860bd96ef4c804880d2fc191f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoRHBuOsT5WaHz4rtEKq%2F5WnWXlw1hGPrGbqhh2ZDoZGKYtElxtrnOpR5rDlI5rbFjR7hTdzuvp7nkGX5YJirHStFs%2FHkG4lYwROvAeF0j3OMPkq1jfOJ%2FR2mH8Skf%2B%2FnJAW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75e40428bdc39241-FRA
/
www.facebook.com/tr/ Frame AC7A 		0
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ab.ua
Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ab.ua
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:07 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
27e2ade260.chunk.js
ab.ua/assets/ 		85 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/27e2ade260.chunk.js
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4fb3c21f8e79db3cb147729df83e213cd1029373a10b975ea7505e6498513f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
714298
cf-polished
origSize=86958
cf-bgj
minify
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
server
cloudflare
etag
W/"153ae-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9MC%2FWPslsNhGm%2FzsCClcRJhIUhLW34cKbO%2FGKUsN3xEvS%2Bnoagv6tSRQlnfBgR%2FW9mjjNghfbpaL1kKy09aFcAJydVsutrJEv7UXMHyx%2FA%2FqgTdMF1bUDX8D19woo7m92ks"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e404298f909241-FRA
collect
stats.g.doubleclick.net/j/ 		4 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38995824-6&cid=2133675183.1666460407&jid=542251269&gjid=1467802196&_gid=1794283272.1666460407&_u=aGBAiEABBAAAAEAAI~&z=27923949
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 22 Oct 2022 17:40:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ab.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-2425535.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2425535.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M9TS5V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
e16983fcba4ee5f1e5a48ca3a2e051ff34ad2f59d788a155de4b5919d252bb85
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:39:43 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
24
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/317b9a1e769386abc0a9946f341d8f24
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
U2ziNgzOkEak3kZabBamP-BNprVU0igpnYn6-iiYmeSUSiJ7JdM5PQ==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7510457504943044
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5M9TS5V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce0ead743a7b7d26db0b3f9fee522d34459fd36e4d1d39bc50bb298cc63087d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55136
x-xss-protection
0
server
cafe
etag
14836181496697684684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 17:40:07 GMT
769317434367305
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/769317434367305?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed4ea613399bc877dd667a01dd754a4df5ce1d9ae76666c238ca918d88e2b39a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Oct 2022 17:40:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
MQ8ZWOQQg6luhx+Q2n0PMODQcj5WUnPrf8SIhvy25KZQsWWojltw1bVTFIZuzeCZ5QMeDuhYf76lQdy1nBhYPQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1563670814&t=pageview&_s=1&dl=https%3A%2F%2Fab.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D0%B1%D0%B0%D0%B7%D0%B0%D1%80%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B0%20%D0%B0%D0%B2%D1%82%D0%BE.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BE%20%D0%BA%D1%83%D0%BF%D0%BB%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEABBAAAAAAAI~&jid=542251269&gjid=1467802196&cid=2133675183.1666460407&tid=UA-38995824-6&_gid=1794283272.1666460407&gtm=2wgaj05M9TS5V&z=2133270532
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 05:06:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45215
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hbw_master_305157_6807.js
player.adtelligent.com/prebidlink/19287/ 		113 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19287/hbw_master_305157_6807.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462905/wrapper_hb_305157_6807.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
680be2a968430c7b49bf374c2f8eb095b2fa90697ceeb5c6b806d3b2d3c61dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 24 Oct 2022 17:40:07 GMT
date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 17:00:06 GMT
server
nginx
etag
W/"63517e96-1c385"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
/
ab.ua/api/posts/ 		18 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/posts/?show_in_ab=1&language=ru&main_page=1&page=1&per_page=4&rubric=news,promo,stati,obzory,test-drive
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec5c464bd850932a1b731068acb4c5d9d113a4cc4cd294df4d700885b7455f16
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi4gsCQXcai8kTBLUcexFuPJkP6jUBcfLmmjU%2B1bstd16bcfbu7qOU3%2B8RNHE4lAjJcc3nBnn%2BNSmcozcxl3zy5fttE6PR33TEkts8gUm8Pgq2J8jpcL1X5u386rIMOks%2FEI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e4042a7cf6994b-FRA
expires
Sat, 22 Oct 2022 17:41:15 GMT
/
ab.ua/api/vehicles/newcars/ 		68 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/vehicles/newcars/
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c50640e16f517ff7506392668244e4c2a61620647aeea28059c963d6ee7cdf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
allow
GET, HEAD, OPTIONS
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1E38yTk4Jq0edaYWVQMttVZ1OkYi5uBgxMfseSK9e8cV168J%2FePpgufQUSkjOejzXp2N%2Fzz%2BjcFXmau70KiBSpejEFMLe3%2Fx8lS3BoAndvPDXyrluqFtXF3b78w0DEhMqPQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e4042a8d05994b-FRA
expires
Sat, 22 Oct 2022 18:10:58 GMT
/
ab.ua/api/posts/ 		18 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/posts/?show_in_ab=1&language=ru&main_page=1&page=1&per_page=4&rubric=video
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26cf9bc8786b3b516cf9a9504187a1f00d48730c572a8348b912abe4189a2cdf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e76lNSv6xnsrYlv1vIUQ%2BAEZ%2FQcz8VQ5F9YclWsEzYrzAgjxuvaUwfTo4XbUP3uneAWzGG%2FguHBxxnKGcN2Igpw2Fi2Q%2FNDEuGLITl404m%2Bf0zLshy%2FQA3dvuv3WjqgPtBzg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e4042a8d08994b-FRA
expires
Sat, 22 Oct 2022 17:41:15 GMT
/
ab.ua/api/_posts/ 		276 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/_posts/?is_vip=1&transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7f25f7f186c3f8391555e960010c19d2837295e0a8ada5c481aad3f3cc12c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cache-provider
elasticsearch
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
referrer-policy
same-origin
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vx58oKmGvcWmAe2%2BD9z7ruCkj8KmjfMB3%2FAOgaq5mLLUQ4OMO%2FNK3DTaveA5%2BYjCmzqT0r%2FFYis9ObVhCcL2580wYIFWB9o4YpYK52lzQqKox%2BUed7hcc2VT1XcsJ1N8qE0s"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=15
cf-ray
75e4042a7cfc994b-FRA
expires
Sat, 22 Oct 2022 17:40:23 GMT
/
ab.ua/api/_posts/ 		224 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/_posts/?price_from=1000000&transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d7846499d76c27334262e28d19530c1eb0953fecc846396d5327c06aa9aa5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cache-provider
redis
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
referrer-policy
same-origin
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kq1joQGBe1Uj4RB4yBBgw8Y3UfvKfmRDJ38lEz7nkED8b51kb1%2F%2FnFjanaUChIOu2oq3RB9%2FPPFfdmoaqUX6gn4Vk3REQwuoRtsDIOV18fsuNEA9LMO3nbh5XIdmAQJ%2BrOP"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=3600
cf-ray
75e4042a7cfe994b-FRA
expires
Sat, 22 Oct 2022 18:10:29 GMT
seo-text
ab.ua/api-urls/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api-urls/seo-text?seoTextName=index
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982ae60b1cdd83a93411a7579913519405a3831aad1a10af11870c595787b5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"128a-wUk3egvo1OgZytly+J55rFoOV1I"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6MEuDtfoxMlAELhU3xZn1X8OnWiTY3bajzgD77VlQfFa4eX0DK8gElQK%2B%2B0kp0wIrdgOAXPy7CqWt%2FJztSyHI8EBAuNK3%2Bnjh6nIh4ND9GvYMpwSncm7reHXuPXE5Yga2B3"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
75e4042a8d01994b-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7510457504943044&plah=ab.ua&bust=31070415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb3d71f04aa28366e14b98f0b79db2f92f5aca24d4fbeab9da1b92c51e9ef9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118765
x-xss-protection
0
server
cafe
etag
16062437807387615504
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 17:40:07 GMT
/
www.facebook.com/tr/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=769317434367305&ev=PageView&dl=https%3A%2F%2Fab.ua%2F&rl=&if=false&ts=1666460407459&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666460406528.162475577&it=1666460406416&coo=false&rqm=GET
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Oct 2022 17:40:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 0024 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 19:34:24 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 0024 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 14:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 14:26:03 GMT
pica.js
ab.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 985F 		21 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ab.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f195c497f07ff49797bdfda762ca24d58f2e11683377435c2d948637018d464

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGABPt3rdtLTqv8MGsh6w%2FJrnbAUTr5OQnmyMsLpAbmbWAg4u%2BsfcRn%2BpGirAekNXg93cylk2oHjtNSxylbt4z3aZq47DBHLJYBFqaSNjmfD4lUFx2PtTnNQ6itBzctYJdWy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75e4042afa269241-FRA
cookie.js
partner.googleadservices.com/gampad/ 		377 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ab.ua&callback=_gfp_s_&client=ca-pub-7510457504943044&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7510457504943044&plah=ab.ua&bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
842ed7562f48ce5eaacd438fb4cec57ea5e6370e28ad9a4301fbbb0e44da82b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ab.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7510457504943044&plah=ab.ua&bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ab.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7510457504943044&plah=ab.ua&bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fab.ua%2F&tn=DIV&cls=CjTMX%20_3v0wi&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 95E6 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7510457504943044&output=html&adk=1812271804&adf=3025194257&lmt=1666460407&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fab.ua%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460407425&bpp=4&bdt=1417&idt=107&shv=r20221019&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6250335817982&frm=20&pv=2&ga_vid=2133675183.1666460407&ga_sid=1666460408&ga_hid=1563670814&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070415%2C44776415%2C44775016%2C44776449&oid=2&pvsid=3474196292401875&tmod=468558536&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7510457504943044&plah=ab.ua&bust=31070415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:07 GMT
expires
Sat, 22 Oct 2022 17:40:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38995824-6&cid=2133675183.1666460407&jid=542251269&_u=aGBAiEABBAAAAEAAI~&z=1137337130
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38995824-6&cid=2133675183.1666460407&jid=542251269&_u=aGBAiEABBAAAAEAAI~&z=1137337130
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:27:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 Oct 2023 17:27:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		79 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ab.ua
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59d43c1c4cb995a418871f057e4cdbb8fee0979377ed27c674356170b0434307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Sat, 22 Oct 2022 17:40:07 GMT
/
ghb.adtelligent.com/geo/ 		153 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8cc55ead004ccdbeb6ac4034b5f6cd1a5a4d0080554dd72d83b782a05db86d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 17:40:07 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://ab.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
153
tracking
ghb.adtelligent.com/adunit/ 		43 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=305157&site_id=6807&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fab.ua%2F&adid=k7hzxk.vo&features=81952&vpbv=N091&tte=475&lifecycle_tte=1834
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 17:40:07 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://ab.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0024 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 18:59:48 GMT
x-content-type-options
nosniff
age
340819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 25 Oct 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0024 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:06:41 GMT
x-content-type-options
nosniff
age
347606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Oct 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0024 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 22:21:19 GMT
x-content-type-options
nosniff
age
415128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 22:21:19 GMT
75e404212f0e9241
ab.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 985F 		2 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ab.ua/cdn-cgi/challenge-platform/h/g/cv/result/75e404212f0e9241
Requested by
Host: ab.ua
URL: https://ab.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666454400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:08 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
75e4042df8399241-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6m66XeSgrwl%2FXnM794PQKuuXzeuMYMUlWuWG0FQk%2B07AjvnaETvSRgvJgHF52kB6D1OOZWzsNQnO7wDfRgWsP7hXveXlaMXRxm7gCDzusA%2FsaZj%2B5xzVZTL7Ucx9cbEwQ1c"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
webworker.js
www.google.com/recaptcha/api2/ Frame 0024 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWm20eAAAAAOdt2VXiYuupWU9DNobcIUVES4wK&co=aHR0cHM6Ly9hYi51YTo0NDM.&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=dlfqtd7ncib2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 22 Oct 2022 17:40:08 GMT
/
www.facebook.com/tr/ Frame D890 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ab.ua
Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ab.ua
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:08 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
modules.5f63ca60a03298133ad8.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5f63ca60a03298133ad8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2425535.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
f433122da8de4f7e86aaa0422f1a1a782729938a6cf58632a1f591178b5b91f8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 12:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
364922
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66045
last-modified
Tue, 18 Oct 2022 12:17:20 GMT
etag
"eb4f228026ced3bcaadde65163571860"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
zDLC-iJqG1kyF3Sn8TFc_XoP3r1LCGPrEq07_FbvVMRlYLwMuQ6F_A==
csyncs
ghb.adtelligent.com/ 		426 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=525818
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
723154b6d9a69d1b9189c689ad63b143a8f10f181178837e375458bd402553d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 17:40:07 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ab.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
281
box-c1417f7b48595d0dbca01c86f95d6dbb.html
vars.hotjar.com/ Frame AFDF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2425535.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
/
Resource Hash
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
376082
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 09:12:06 GMT
etag
"d2c298a660a1ee92f094a3d504e3e2e6"
last-modified
Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-id
N7XZsRvsxgLs1-U2rQqMuyWVzrivlgxXqDxo3Y41j8nGMgNKM5knGg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
/
csync.loopme.me/ Frame 88E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19287/hbw_master_305157_6807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
31.174.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 22 Oct 2022 17:40:08 GMT
server
_
csync
sync.adtelligent.com/ Frame C986
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
  • https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=076d8fd6-40bd-478e-9a8c-ef66a3e5d807
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=076d8fd6-40bd-478e-9a8c-ef66a3e5d807
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19287/hbw_master_305157_6807.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Sat, 22 Oct 2022 17:40:08 GMT
Etag
c35d0b51e652b554
Server
Adtelligent

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 22 Oct 2022 17:40:08 GMT
Location
//sync.adtelligent.com/csync?t=a&ep=736011&extuid=076d8fd6-40bd-478e-9a8c-ef66a3e5d807
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b867668e-ec2e-4047-a84d-d4efd7219121
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b867668e-ec2e-4047-a84d-d4efd7219121
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 17:40:08 GMT
Server
Adtelligent
Etag
c35d0b51e652b554
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b867668e-ec2e-4047-a84d-d4efd7219121
date
Sat, 22 Oct 2022 17:40:08 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
/
ab.ua/api/polis/osago/filters/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/polis/osago/filters/?langSign=ru
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202a34ffa273702ea80686b2f8a1d0ff9bd1169c54dd1578afce8038654baaf1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
x-ab-api-direct
OK
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcCOXSMMdx1nGF3PRUQeSqNEPmLc%2BL6Nvhh%2BTHMFLeJkVk%2BqY%2Fto9hjYInl3%2Fqh3FmK1R%2B5CjZZAxwWAgXyVTYHq7BklVHF1dviIta9%2BpKHIvGFEuZHcy%2BtI2RtD%2B5bQUYCY"}],"group":"cf-nel","max_age":604800}
cf-ray
75e4042ffa7b994b-FRA
/
ab.ua/api/polis/cities/ 		3 KB
872 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/polis/cities/?name=&langSign=ru
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6383d551012d6308419f27d768cb52794faff8ba73da309e00c579e161064784
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
x-ab-api-direct
OK
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKk8hPO%2BpNzgx%2FVNoj%2BU%2B5AkxLGera%2B6YuGVvKMwDrjbyCmC%2FlFHv1WPJXy3ApqcK6otQckxhzEasu%2FmKNVk52kCsxz%2FimG9DTEVHJeGh7cpGqPIWsydXI8EEK1vVSZ5Nwib"}],"group":"cf-nel","max_age":604800}
cf-ray
75e40434adb7994b-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22a726b061b7cbfbdc336d5b8e1b57189f692caa889b0024157729465cfd6b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11310
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ab.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ab.ua
access-control-max-age
86400
cf-ray
75e404377f1bbb83-FRA
content-encoding
gzip
content-type
text/plain
date
Sat, 22 Oct 2022 17:40:09 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ab.ua
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
75e40437bfbbbb83-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7510457504943044&plah=ab.ua&bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 17:40:09 GMT
/
ab.ua/api/transports/makes/ 		50 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/transports/makes/?transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40dbc40e9e081340260614465a04420f5ba88bb97a319f53887b3030a7c3b0ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmvFxw3Q9sE8WqC0%2FJ1VrVi93E0wnY8y77QzNH8C0DllhN9Q1aPGlOfeWgvS9TEH1Aj3vL0BQ4PhWFVIDevwJ1TZuUr5YH%2B9bVGS0ZYL68V0VfYn%2BaX1jJqepgxtU7iY4%2FYy"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e40435d89e994b-FRA
expires
Sat, 22 Oct 2022 18:23:48 GMT
/
ab.ua/api/transports/categories/ 		2 KB
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/transports/categories/?transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29be1843ad37411fa7e046084a2b5d2bf7b400687e78ae22002058353f94a988
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toHScY%2FM2D3vT8TNQp5yu8WvlARpKHyOjpnCSas7oTRfW70LLbDq1A%2FGdcZDRXuSMUUZFNRtvsioT29kfHc%2BZmmElr5DUk0JT5V93bpZQXJUV777uhr4VW283gZKz3Ya2CB4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e40435d8a1994b-FRA
expires
Sat, 22 Oct 2022 17:52:09 GMT
/
ab.ua/api/transports/engines/ 		700 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/transports/engines/?transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d0101029811eb24a54fb6df18465c8215197611e6fba81863f7b44657340d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5N13nUafLDVmxYk3SsyubC28SI3dgpwkQX7BEMLe4YCAmH94F2aIfm1YJMgoidi2V3JQ1vYbuk5IMuFJp%2Ba99jSCD4DBvXlSkN7SdkZkGmDhhIJeP9pw466JqdDYzLgj6WG"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e40435d8a5994b-FRA
expires
Sat, 22 Oct 2022 18:19:13 GMT
/
ab.ua/api/transports/drives/ 		573 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/transports/drives/?transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c15714a07f4cb1346249a2746adcda0b565705048fd85777c0a0f1ccd436ca3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0m3Sp5hNArW3kLFTEG6pUyx5giQ2T%2Fkii6R%2BglDjZbX7BGKjabhRHKrzIMCKXrVQjk1A3JOv7nauqTPE3eiK2soLQMhMmv%2BlMG60RLsDBZB5fdHySF6u64ysSv9u0LB4l8Q"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e40435d8b0994b-FRA
expires
Sat, 22 Oct 2022 18:20:42 GMT
/
ab.ua/api/transports/gearboxes/ 		508 B
690 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/transports/gearboxes/?transport=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d209421876317a175cdb5e79cc5add2a7f2b6cce6fc49071bab1b34d12bed83
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYJWEiglJw3I9lxAuH%2Fs8XhOyrOXdn3yznjLjC2HiuEu3VU7k15o4btOnPB%2BC8on831gIrTxR8cKcpBLNc1%2FT7NZ2wJ2NkVvaoubmT%2BcsmyFHZLELpl4i%2FjVtNwU%2BFHW7HG5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e40435d8b3994b-FRA
expires
Sat, 22 Oct 2022 18:19:13 GMT
/
ab.ua/api/classifiers/locations/all/ 		114 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.ua/api/classifiers/locations/all/?parent_id=1911
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acfaa714fe8f812c7c2babb8fc824af79f4645198442ca042b8d250efa2b59b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-forwarded-proto
https
x-node-bypass
OK
referrer-policy
same-origin
server
cloudflare
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
vary
Accept-Encoding
x-ab-api-direct
OK
cache-control
max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wYieT5r3Wmf8xDSzcvaDOGZbURrh2pAeI7VQkRXV3L%2BiYsTjEpTQJhvzw5qMDS89vVF8g1ZQ5AEQdbtre%2BUvhTLXyCZSTpdSamJHE%2B9c8M4yKC6eViMzldUHt0n%2FKeBYA9N"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75e40435d8b7994b-FRA
expires
Sat, 22 Oct 2022 18:09:29 GMT
tags
creativecdn.com/ Frame 92CB
Redirect Chain
  • https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518
  • https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
464 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/client.f43f55e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
42724505e73d98d4ce6477eab93dfa7bd63a28d1092fcb0a9aa76e0975ca1549

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
content-length
340
content-type
text/html;charset=utf-8
date
Sat, 22 Oct 2022 17:40:09 GMT Sat, 22 Oct 2022 17:40:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Origin, Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 22 Oct 2022 17:40:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary
Origin
583766ba.svg
ab.ua/assets/ 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ab.ua/assets/583766ba.svg
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3d0fd852e148833f62ecf97593cbdcbbc668445dd77353eb39533482b090d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Oct 2022 20:07:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
713919
etag
W/"59ba-183a49c8280"
vary
Origin, Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2B7qLU3gvOdNdAoiAElPb2Q%2FFDGWmcP9BgWbw3cEEnbo6IZ%2BD%2BQLUab0aMZkTzdELwmNY%2FB7TOQDd2YPnC092F7RlfT12zq7HH8VBZxwPknDve6eURi%2FEB05asrue%2BuFRePO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
75e40437eca89241-FRA
branding
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=7742&0.6250353500831778
Requested by
Host: ab.ua
URL: https://ab.ua/assets/client.f43f55e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
1d622a47bb69b0c7cb8d98d125f403d98eecd41843273cf7b359fd696a859dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
config.json
player.adtelligent.com/exchange_rates/305146/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/305146/config.json?cb=https%3A%2F%2Fab.ua%2F
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a4b45caa4de140d269aa1da054ed80cd3f2b7dc2e8c172d263fb556ea315979f

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 24 Oct 2022 17:40:09 GMT
date
Sat, 22 Oct 2022 17:40:09 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 12:01:11 GMT
server
nginx
etag
W/"63528a07-1163"
content-type
application/json
access-control-allow-origin
https://ab.ua
cache-control
max-age=172800
x-proxy-cache
HIT
cm
cm.creativecdn.com/adx/ Frame 92CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=dEpiSkZqdVVtNWFwOGdrZHF2VlM%3D&pi=adx&tdc=ams&chain=
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPuoJ6RqIRtemRGLs_yFwzs&google_cver=1&google_ula=5153224,0
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPuoJ6RqIRtemRGLs_yFwzs&google_cver=1&google_ula=5153224,0
Requested by
Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creativecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Oct 2022 17:40:10 GMT, Sat, 22 Oct 2022 17:40:10 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEPuoJ6RqIRtemRGLs_yFwzs&google_cver=1&google_ula=5153224,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 221A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 13:55:49 GMT
expires
Sun, 22 Oct 2023 13:55:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A810 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9823ec78beb17ead662970b3dc8a7de50b09645837a2b1d4839c36d391e4205b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J_b-nwKefftn_VaE0VLD2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-J_b-nwKefftn_VaE0VLD2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:10 GMT
expires
Sat, 22 Oct 2022 17:40:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fledge-igmembership
fledge-eu.creativecdn.com/ Frame 0C38 		1 KB
893 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=4xLbiX-rHkm8rHIfZ4KDJwQPnvlQKTCXSUolQsnLZ-qkoDYF08LIbRB5ZZiFu7XfarlptIhM5jTKIpGV9v0YOg
Requested by
Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_oZ9ydSmxeFpexElLvEco_home&id=pr_oZ9ydSmxeFpexElLvEco_lid_2CJjonW95JakllubbOaI&su=https%3A%2F%2Fab.ua%2F&sr=&ts=1666460409518&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
8d5e250247ab0f0e22363bac3ebb1a58a6326907d1bc7ff0827b209e2835b4fa

Request headers

Referer
https://creativecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
445
content-type
text/html;charset=utf-8
date
Sat, 22 Oct 2022 17:40:10 GMT Sat, 22 Oct 2022 17:40:10 GMT
expires
Sun, 23 Oct 2022 17:40:10 GMT
origin-trial
Ak5VBljBsjJRD9BC0VYrnHXYCIGSsChJNaOqX8hbKIGHkDDje71v/ij0z52980oFG8GrMXGX5DDkr55QzNcS0w0AAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjY5NzY2Mzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
vary
Accept-Encoding
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=7742&0.6250353500831778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:09 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
etag
W/"630f5f1c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 9A6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&site_visited=1&location=https%3A%2F%2Fab.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=7742&0.6250353500831778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
date
Sat, 22 Oct 2022 17:40:10 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame E397 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=7742&bannerNum=88767903299972620&apuid=bc49d80b-1d71-4757-8307-ba7fd1245c5f&session_pageview=1&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&site_visited=1&location=https%3A%2F%2Fab.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=7742&0.6250353500831778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
74a3508f8bc59785d5c21df0b949d3cfdb233bbcc8a06675dd2edacf41ead55b

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 22 Oct 2022 17:40:10 GMT
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-7510457504943044&su=ab.ua&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070415%2C44776415%2C44775016%2C44776449&doc=complete&pg_h=4374&pg_w=1600&pg_hs=4374&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame E397 		0
0
branding
a4p.adpartner.pro/ Frame E397 		1 KB
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=7742&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=7742&bannerNum=88767903299972620&apuid=bc49d80b-1d71-4757-8307-ba7fd1245c5f&session_pageview=1&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&site_visited=1&location=https%3A%2F%2Fab.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
ee4fe1734192176c6a69a45980a54d10b4a2f98449a6d9badb250eac0614b974

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=7742&bannerNum=88767903299972620&apuid=bc49d80b-1d71-4757-8307-ba7fd1245c5f&session_pageview=1&session_id=00fe3c69-37f2-4b00-bae7-cbbca0365e1e&site_visited=1&location=https%3A%2F%2Fab.ua%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 221A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 05:55:45 GMT
background_empty.jpg
file.adpartner.pro/2295/2295506/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2295/2295506/background_empty.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
last-modified
Thu, 02 Dec 2021 15:12:44 GMT
server
nginx
etag
"61a8e26c-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 128E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b867668e-ec2e-4047-a84d-d4efd7219121%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2295506%252C%2522rule_id%2522%253A209476%252C%2522show_id%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%257D%255D%252C%2522unit_id%2522%253A7742%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fab.ua%25252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 22 Oct 2022 17:40:10 GMT
expires
0
pragma
no-cache
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 221A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BEMQMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A810 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=3474196292401875&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ab.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ab.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3474196292401875&correlator=2999153152205308&eid=31068458%2C31070116%2C31070232%2C44772496&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=78780000%2Cdesktop_right_sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=2&adks=209036553&sfv=1-0-38&prev_scp=page%3Dmain%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dbdb4ce4d0656104e-2270b84653ce00eb%3AT%3D1666460407%3ART%3D1666460407%3AS%3DALNI_MbZA9tG1AWYiObUnvoN0UMo7y_Y4A&gpic=UID%3D00000b76b05578c8%3AT%3D1666460407%3ART%3D1666460407%3AS%3DALNI_MYrX26jHNV24YKA4k-NtlCInbP1NQ&abxe=1&dt=1666460410698&lmt=1666460410&dlt=1666460406009&idt=2040&adxs=1034&adys=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fab.ua%2F&frm=20&vis=1&psz=0x0&msz=300x0&fws=0&ohw=0&ga_vid=2133675183.1666460407&ga_sid=1666460408&ga_hid=1563670814&ga_fc=true
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dac72fd9bd2655ca867a509ee6bbae94287170c63d1a1dcef19961addf5914a6
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuNxOaw9PoCFafuuwgdRpECHg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12290453379522265426/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNuNxOaw9PoCFafuuwgdRpECHg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12290453379522265426/index.html
date
Sat, 22 Oct 2022 17:40:11 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43057
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ab.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E527 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
expires
Sun, 22 Oct 2023 17:40:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53acfbb3c20042&pos=8a9694a6018383a89128acfc60c00044&cmd=bid&secure=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
943c6c9be4926bc5093403bfbd5cecaeaab1fb2d03cf0eee7c1057ad8d0e986a

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53acfbb3c20042&pos=8a9694a6018383a89128acfc97630045&cmd=bid&secure=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
269ba257610b7fe153a22b5aec51b4e44db1d668747af22fc10136e3c5dff08f

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53acfbb3c20042&pos=8a969ce4018383a88820acfcc7f1002b&cmd=bid&secure=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ddec59b3ae18044440ae3d866b6d8e2434b1bc66ecac571c7d10c6a2c97612c6

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53acfbb3c20042&pos=8a9694a6018383a89128acfd1d7f0046&cmd=bid&secure=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dca53932dabb4c6d8c9da93ae4fd74fac7228ced518635b40c90efe6e3e590a

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53acfbb3c20042&pos=8a969134018383a88c53acfd5d4e0044&cmd=bid&secure=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cbd5799460f8a20362193611b70868c9045cd83e8f69dc844d7c6249961622be

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969134018383a88c53acfbb3c20042&pos=8a9694a6018383a89128acfbffd90043&cmd=bid&secure=1
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
838176ebbcc753b774542598e977090f88bcd10b92c6c7f095f1637f94cb436f

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
content-length
62
/
ghb.adtelligent.com/v2/auction/ 		520 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
255d63e1a658931e83c9f964367be4205c651e6c234f278b31a03588b8fe4f57

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 22 Oct 2022 17:40:10 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ab.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
253
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48990&zone_id=1806964&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=2dc35aba-5a8f-4e0b-b89d-6060b2b1697a%5E1&rf=https%3A%2F%2Fab.ua%2F&tg_i.pbadslot=%2F78780000%2Fdesktop_premium%23div-gpt-ad-1510239331518-1&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=97165921-4b2f-48cc-8b7c-4c08cf23c4b2&l_pb_bid_id=129cd2ea4721f84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F78780000%2Fdesktop_premium%23div-gpt-ad-1510239331518-1&slots=1&rand=0.7434550914213032
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d27832675aff3a40e7579dacdd7ce3e347c0179168abf6fc0cb8d0d99864c9d4

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 17:40:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ab.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
331
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://ab.ua
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
arj
adtelligent-d.openx.net/w/1.0/ 		173 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fab.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97165921-4b2f-48cc-8b7c-4c08cf23c4b2&nocache=1666460410742&gdpr=0&pubcid=2dc35aba-5a8f-4e0b-b89d-6060b2b1697a&schain=1.0%2C1!adtelligent.com%2C448229%2C1%2C%2C%2C&aus=300x250%2C300x600&divids=div-gpt-ad-1510239331518-1&aucs=%252F78780000%252Fdesktop_premium%2523div-gpt-ad-1510239331518-1&auid=541177132
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
43ca939e960e36056c40ffe0a972fa2e6de8f117cf1c433e71cdb62b502dc74f

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ab.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=90643656892
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		332 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=2dc35aba-5a8f-4e0b-b89d-6060b2b1697a%5E1&rf=https%3A%2F%2Fab.ua%2F&tg_i.pbadslot=%2F78780000%2Fdesktop_premium%23div-gpt-ad-1510239331518-1&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=97165921-4b2f-48cc-8b7c-4c08cf23c4b2&l_pb_bid_id=21e41fc6ea8173e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F78780000%2Fdesktop_premium%23div-gpt-ad-1510239331518-1&slots=1&rand=0.7044207910292386
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3d0a595946fddcccff1e9806fbc6688588260088f4b4728b33f77a0105543604

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 17:40:11 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ab.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
332
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ab.ua
date
Sat, 22 Oct 2022 17:40:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ab.ua
date
Sat, 22 Oct 2022 17:40:10 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ 		94 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a32f632e15f9529126d9c1c019e6be5c162c94025e51bdf55ef5f30d0207ebdd

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
content-encoding
gzip
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://ab.ua
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
99
translator
hbopenbid.pubmatic.com/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ab.ua
date
Sat, 22 Oct 2022 17:40:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ab.ua_160x600_br1.html
file.adpartner.pro/2295/2295506/ Frame 675F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2295/2295506/ab.ua_160x600_br1.html?content_width=1100px&background_size=1920&top_padding=49&side_width=250&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fbackground_empty.jpg&unit_num=7742_88767903299972620&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7742%2F2295506%2F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D4a9d62a7e3dae0998fe7caa0defffe17
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
bd1e9d4fcd73b242f4f503a95bef3fe7d18cf0349a57db1b096677e6f9771f00

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sat, 22 Oct 2022 17:40:10 GMT
etag
W/"628dfd43-cf9"
last-modified
Wed, 25 May 2022 09:56:19 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 4333 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b867668e-ec2e-4047-a84d-d4efd7219121%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2295506%252C%2522rule_id%2522%253A209476%252C%2522show_id%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%257D%255D%252C%2522unit_id%2522%253A7742%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fab.ua%25252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 22 Oct 2022 17:40:10 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame C09A 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b867668e-ec2e-4047-a84d-d4efd7219121%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2295506%252C%2522rule_id%2522%253A209476%252C%2522show_id%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%257D%255D%252C%2522unit_id%2522%253A7742%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252289f8f2e1-5195-4443-9cae-7a47ad88d3d3%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fab.ua%25252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 22 Oct 2022 17:40:10 GMT
expires
0
pragma
no-cache
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 675F 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2295/2295506/ab.ua_160x600_br1.html?content_width=1100px&background_size=1920&top_padding=49&side_width=250&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fbackground_empty.jpg&unit_num=7742_88767903299972620&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7742%2F2295506%2F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D4a9d62a7e3dae0998fe7caa0defffe17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28041ec86429388461ba8c6cbfe0cad5ea1be3fc0ffe6be7d9a5f9cc297ee642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40094
x-xss-protection
0
server
cafe
etag
4681943122933444021
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 17:40:10 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ Frame 675F 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0b241e049e3e3e78b4d7a308617316b6da482d47ef9ce69d0b33a7f675470b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118755
x-xss-protection
0
server
cafe
etag
14539083566693517547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 17:40:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=3474196292401875&bg=!W1ilWBzNAAaaxvStusY7ACkAdvg8WlTi0AdAQ_7o39jJR3r3scmXKNt-47Nr3UGzPaotiBdkRVjNYAIAAACcUgAAAARoAQcKAKIswfrX8avqQ_bF3gsqevQwQu8t6bbPSZEFAQp-axLtX87vNP06ZhnHo3qPL_HkAEtDs4d1qMFYHvSwgPkXEIbBnBkZWS8rmHJI23JeZFm5ixEILSaO17Sy-AhwcQt-VEq38d9SKEnKQSFJUVzt5ZgUcYk9x46J7xyZHRKKAqMIb_dQZ62ob8aN2QxdVKDWtxkvKXLet1jej6GhPG4onc7JpuSZAqS6ba3kmBRHxuifgMwIG0mv_etjRgmHZdAhKxdPJhKRcnuT-r0-5bNrot1y_JMBSPjtxCqVEkA1d3V7_eaF924yudjzo9gPuMusvK3fbC4hu45VSpWH_zDnoNJq-saByayOM60OzatUQQUBV3u4hZinOCmad61HHChOcyKV4Syg-uQWk3OPNXL3ayA3XwBNjyEhMjsDIxF9ayi-YN2LBrm4023UWcJDpJVxc4F7P5-XzpvZxIR16uwKkHYf61fIu2Fd55Hpxv9R4GA1so-oES750OGH_DR47J84AD4HOW5QKV10BGDjdBhNWIekUOOEgVga07BQrmdgAteT1B7UTHRAkN2-db8tWGroa8oGTaY85oQOBa_U6Wk_fB3XxXPp-v-d6yLlqiU0mozTx_Oao7ebfHWfPTX0qfYiVfcuaiELxe959CkL29VdcfFWxJ3kPvlNy2bZEtUA1PSMkX3uJzqM1GhOcukMUxF7XoKOmlkCk1auKhZIpVWacJpQ2HBNZsAxv3KXlz1xe6OtyJuOAbkNFx--PchMa8bAO4jGVOnzoMl5qxj2oAi5mlIokv40EKxpyM4ryxbs_sDCb3rffPt8Ha8qISeL6yFiQzV0KNgHrUm6NoS50Wxhow1LA7d9u6j91hszrXpDUWKaNf5J4ZICMxPCEo6dDrXmFU0SKWSxpjGH-9PBtcAXTlWCBXhe2QSMB9L6KSYtfsJ13SbMKQyRNeu4_sGq_m293rAw_fG_q32kRlSufXXa4tQ2_zcYKx6rDxytR9kmUhqf3zqtu68pygVUS6YbhT8P9BxaCZdENA5L710A2DWWSUlxBgwodrE2pcZPkOLwuFr_9xod91Cox7YhIlp5VJ1o9_6LHqO9DaZXenCtO2qaT06QxatPl1G5sWxO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 675F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 675F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 19D1 		62 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9531c1860f9528363506ae3032706f779ea78c13b93b26d6969a6a229ae1f476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
25932
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 63AA 		82 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d16903ae8f462570d2f0692d83a60e85e05ce1c3cb33dc0f83f20f3b541e641b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
28123
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
8274496644904366001
tpc.googlesyndication.com/simgad/ Frame 19D1 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8274496644904366001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c625b1b0cb2e5823ea5f4c19a596edc2f824acc6fc7205ef543c468420129c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 03:40:13 GMT
x-content-type-options
nosniff
age
50398
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97309
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 10:46:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 22 Oct 2023 03:40:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 19D1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 19D1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 12:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 12:32:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 19D1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
l
www.google.com/ads/measurement/ Frame 19D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDIKVUv2dzsENFYGlChXqXNYoSGIuiw3CR7ExlkBU3ZAzLAH2wM07bgfJ_EZmDhZG8ZsRtVB6ggM_rtmDpuxtBqSprZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19D1 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 17:40:11 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 19D1 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f99c3b46e3e9c4a0b83bff85ab15facf6d8fa7cb43632934195ffbe59c34bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13742
x-xss-protection
0
server
cafe
etag
7228540032719881800
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:52 GMT
container.html
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D11 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
expires
Sun, 22 Oct 2023 17:40:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 12AD 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 16:50:34 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 63AA 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Oct 2022 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 16:38:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Oct 2022 17:40:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 63AA 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 63AA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 63AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 12:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 12:32:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 63AA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
l
www.google.com/ads/measurement/ Frame 63AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUlOvD0Nv2KGbCijJRwPd50k4IgKEmFg8dH0tMS6vi_MphNTaU7_fgd-sbELWGbgZUUXKHIRBB433MsVEydpdObt6bMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63AA 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 17:40:11 GMT
fed584b8ce81e04d8838584f2ea59ee6.js
www.gstatic.com/mysidia/ Frame 63AA 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 00:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13787
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 04:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:28:19 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		74 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab4240da0e386d8f02ea8601ea511ec68f6a053829c71783ad3914a83d1a099
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
110216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18094
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 11:03:15 GMT
expires
Sat, 21 Oct 2023 11:03:15 GMT
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0D11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca6JA-ipUY9uoL6fd7_UPxqKK8AGsp67ibNrx8J_lENrSh7jdHBABII2g8SFgleKQgqAHoAHpxaqdAsgBCakC-zXpduCLsD7gAgCoAwHIA0iqBNsBT9ApjOs5Nz_J6pZ-RcTGomMtdauhSeQ1SZUIjUjplRbtEMhAO74aCN5C0gUy7ty5nmArietOPzTjkPE3nTybwzTd4PqvIVirH7oOoloDa9CzIpFX3cLQJhdexkR0vo76z1e4qwjgj1xvBK1A9GIu1YkYpSWsGZYjmNAqct9zEKmP1WfvWHbPstXqRoyvMcR_StcH45ObVyC2-gkraZOKwzBr1IuAkHnj_cxBkHHJCVHzymwvowuJn1ierHRQvDJYHmWsz5Y8uHJcjT8bFAH9tkXZOOuVlS0Pu42LwATNsaDwoAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCYljTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi04MTgzMTgxODcxNjQ1ODk4GOCNHg&sigh=tNBTuNUJ4V4&uach_m=[UACH]&cid=CAQSPADq26N9SXRhf0DO4pnxCSwDpWfHxSmHgb4ZJfSyimxc-OkxHsFJobtqWkTfLuy_IbEYngvCBok8jfB8jBgBIA4&template_id=419
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 0D11 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 12AD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
expires
Sat, 22 Oct 2022 17:40:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7E2D 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25696
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 23 Oct 2022 10:31:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7E2D 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
28753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 23 Oct 2022 09:40:58 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ab.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://ab.ua
Date
Sat, 22 Oct 2022 17:40:11 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
s
googleads.g.doubleclick.net/pagead/drt/ Frame 59F6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 16:50:34 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 0D11 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 12:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 12:32:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 0D11 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 7E2D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 05:55:45 GMT
Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/Logo.png
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35fc6c273c50b1cda7f83e05b774a5d47e5ef0c0bc351e1106f4d1d2f8aaab65
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 21 Oct 2022 19:26:42 GMT
x-content-type-options
nosniff
age
80009
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2192
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 19:26:42 GMT
Txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/Txt1.png
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb77d406a7ee61fd886c23743f7864d731d8465887f649c4d9981f3ca0221ee3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 17 Oct 2022 18:59:02 GMT
x-content-type-options
nosniff
age
427269
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Oct 2023 18:59:02 GMT
Txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/Txt2.png
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7015bdc2944a0491176d948597ac45faa4a86cb701140b704c94d969e830ac8e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 17 Oct 2022 16:47:44 GMT
x-content-type-options
nosniff
age
435147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13807
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Oct 2023 16:47:44 GMT
CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/CTA.png
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd909fa1f7d10f7530694228f7184e5c3a1e205c403409c31840938fbfb124f1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 21 Oct 2022 03:39:36 GMT
x-content-type-options
nosniff
age
136835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1029
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 03:39:36 GMT
Img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/Img1.jpg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d85d4624dcb4c496e51b3cf5566271c52396d900c7320084e80d1af92e2d769e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 17 Oct 2022 21:12:27 GMT
x-content-type-options
nosniff
age
419264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34360
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Oct 2023 21:12:27 GMT
Img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/ Frame 7E2D 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12290453379522265426/Img2.jpg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b44759160317999c484b07133691048a70a417897278beb0da0f9e2e28dfe79
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 21 Oct 2022 02:27:02 GMT
x-content-type-options
nosniff
age
141189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49402
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 07:19:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 02:27:02 GMT
l
www.google.com/ads/measurement/ Frame 0D11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHqfuBETDLeeSX-oer-qVoo7_WLLTcwtdCPvESYMFbArTW19EX4xB6P4Pmx92StUDE-eyqI5U6GILqq8bhsL_s-Qmn5w
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D11 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 17:40:12 GMT
truncated
/ Frame 0D11 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86b339e8990bd3a2d98bb8422cc411cb403ad9c475a11226d13dfdfe1715a5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 59F6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:12 GMT
expires
Sat, 22 Oct 2022 17:40:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 87CC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_2&adk=283281734&adf=1045958789&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410933&bpp=5&bdt=87&idt=126&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&prev_slotnames=adpartner_ab.ua_160x600_br_1&correlator=2653756840870&frm=22&ife=1&pv=1&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.wqmjg7cdlsit&fsb=1&xpc=vb8pIzfWhD&p=https%3A//file.adpartner.pro&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 05:55:45 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ab.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ab.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3474196292401875&correlator=3034682411160156&eid=31068458%2C31070116%2C31070232%2C44772496&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=78780000%2Cdesktop_premium&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=103610846&sfv=1-0-38&prev_scp=page%3Dmain%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dbdb4ce4d0656104e%3AT%3D1666460407%3AS%3DALNI_MbNW-mDl8uG9xTyCjFY6P0K9AoSew&gpic=UID%3D00000b76b05578c8%3AT%3D1666460407%3ART%3D1666460407%3AS%3DALNI_MYrX26jHNV24YKA4k-NtlCInbP1NQ&abxe=1&dt=1666460412041&lmt=1666460412&dlt=1666460406009&idt=2040&adxs=1034&adys=642&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fab.ua%2F&frm=20&vis=1&psz=0x0&msz=300x0&fws=0&ohw=0&ga_vid=2133675183.1666460407&ga_sid=1666460408&ga_hid=1563670814&ga_fc=true
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5650dee2a26af48e569504f59015f9f9771bc00b47f82252c9d3fa0ebb0cabb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7902
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ab.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 675F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdc49198e7af8b2d539ac8d21397afba7a6a27667e4feab8b26614a24190c59a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11260
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2295/2295506/ Frame 675F 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2295/2295506/background_empty.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/2295/2295506/ab.ua_160x600_br1.html?content_width=1100px&background_size=1920&top_padding=49&side_width=250&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fbackground_empty.jpg&unit_num=7742_88767903299972620&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7742%2F2295506%2F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D4a9d62a7e3dae0998fe7caa0defffe17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
last-modified
Thu, 02 Dec 2021 15:12:44 GMT
server
nginx
etag
"61a8e26c-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame BC21 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=adpartner_ab.ua_160x600_br_1&adk=699258113&adf=2429112130&pi=t.ma~as.adpartner_ab.ua_160_&w=160&lmt=1653472579&url=https%3A%2F%2Ffile.adpartner.pro%2F2295%2F2295506%2Fab.ua_160x600_br1.html%3Fcontent_width%3D1100px%26background_size%3D1920%26top_padding%3D49%26side_width%3D250%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2295%252F2295506%252Fbackground_empty.jpg%26unit_num%3D7742_88767903299972620%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F7742%252F2295506%252F89f8f2e1-5195-4443-9cae-7a47ad88d3d3%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY2NDYwNDEwLCJzaG93X2lkIjoiODlmOGYyZTEtNTE5NS00NDQzLTljYWUtN2E0N2FkODhkM2QzIiwiYWRfdW5pdF9pZCI6Nzc0MiwicnVsZV9pZCI6MjA5NDc2LCJhZF9pZCI6MjI5NTUwNiwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjg2NzY2OGUtZWMyZS00MDQ3LWE4NGQtZDRlZmQ3MjE5MTIxIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D4a9d62a7e3dae0998fe7caa0defffe17&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666460410907&bpp=24&bdt=61&idt=120&shv=r20221019&mjsv=m202210170101&ptt=5&saldr=sa&correlator=2653756840870&frm=22&ife=1&pv=2&ga_vid=660547047.1666460411&ga_sid=1666460411&ga_hid=1631313372&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2659848257&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31070466%2C44775017%2C44775305&oid=2&pvsid=4467494749477352&uas=0&nvt=1&top=https%3A%2F%2Fab.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.13zwzb6yrv80&fsb=1&xpc=pcdKtpLsaT&p=https%3A//file.adpartner.pro&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 05:55:45 GMT
truncated
/ Frame 19D1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dc32a72d6229fb81150f0be86ac3a670ec40164c36b112fef74386ddc076b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
2076313506083323656
tpc.googlesyndication.com/simgad/8305604044134196043/ Frame 63AA 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8305604044134196043/2076313506083323656
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5556f915206475bf4518ce92609d4cc67ee5832aaab5251be2d72e44b039db03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 11:57:52 GMT
x-content-type-options
nosniff
age
366140
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55685
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 11:01:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Oct 2023 11:57:52 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7995395839725261445/ Frame 63AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7995395839725261445/downsize_200k_v1?w=100&h=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84a343c2906d2596e84833484bb2ebb5fca2d316e0225cac509e308309cc0629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 10:59:43 GMT
x-content-type-options
nosniff
age
283229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2879
x-xss-protection
0
last-modified
Fri, 09 Oct 2020 11:56:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 10:59:43 GMT
truncated
/ Frame 63AA 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 63AA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7150e45cb7c203a9f1dc422e06ae90968e0fdc0f5994b3ec2c2616cc82e61309

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 63AA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
435320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 63AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options
nosniff
age
75568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 20:40:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 63AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 13:27:29 GMT
x-content-type-options
nosniff
age
101563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:27:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 675F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31070466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 17:40:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 71E6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 13:55:49 GMT
expires
Sun, 22 Oct 2023 13:55:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7C24 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a7288e0534ffa84e78b2d64da5c162faad3f8d4e295c03294180375bb04d5b24
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ieJiDhmuHe8GYmhUgT4msA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-ieJiDhmuHe8GYmhUgT4msA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:12 GMT
expires
Sat, 22 Oct 2022 17:40:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 71E6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 05:55:45 GMT
generate_204
tpc.googlesyndication.com/ Frame 71E6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ku37Fg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D97 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:11 GMT
expires
Sun, 22 Oct 2023 17:40:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 85A3 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYlLeOzAEwAQ&v=APEucNVnAJtad59xkEFSgDetrZmRl55Cp-sf7XWzkJIhp2PN63LjtvLcL7xdSxEgHXA22m4QYE8q5W3TI085kdh0q0qrTFLPww
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8D97 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARt577SmwnTL_evDhAfzuSZOhKBhfcr6Xog1AOWO52A_yAfROlzduE0RTQKoXr-pI0knrnFBxM6X4B2-hMYU-HwnCuvQ&cry=1&dbm_d=AKAmf-CHq7Xw_ssRsYXAmnv_xOmaCHylUOfslBGSBDGB0LQ1I_T0QTfexdsBzoh3k8HWPrlJay6QR9cA5xfbiKaRKMhUOUHezXUmK5CZQPeN7Et3Vx9QjLBJ6M82R3r590BFPyjaXmpt2cSorrBHwgz6xoOkZYn7om2q5Bl9mwC34rgtAiLVhhcyPNVZDGcFlE4hFh3c0PpYB99z-y8f7v-N00xzSI0bhc6_bCIOkANBLiCk3PK4IHjv-w9eHdSGDxsaLQx7JQEZh_73n7BsAjEfPf9HhTMa7QliTecuwGHWBVJI07_RrL8KkmsnnGr0dr9LhUj9pr2oHVfG6kKG32PjLZD4pkWYAVP-Fh7XZVc96VgXCQ2LUcx8HGl4KbSYSgZTNCQriBljwRaLWm1bvRFkpi_DlKABa-crDmVmpojnXd6BZgQo5EOlrNWFqxjUvr-sKEhmmQfRMMCtICgLP4q0hpqouesRc3TrGW5fxVVVfPJ4jeFiVrWtCJ6anbzfTYd1zwfUOSbnrROmwxnBz9y7K5C9Bq9JmGWXWB-vjVu0iUF1RyZqdG9pfurM7oA4_lE4dJDySL0Pdg4L0qxSorXM_8GyZvxhk26UkVDYaat5Yb0CYTJdh5mp9EP0-6FfIP8GWDIrhSvwRnLRI0BWNzLGyfCHgVYgpnTGwonld49ZBxVNDGgK4D2wurLnXBPfddYwCDmPLBM1fy2S0f_6T-SuCUu28irOkq0ztt_mbo2k3NFW0sp6VnOe2KdGTtEcLZ6N0s-VKtodjsOmI4QxmCt_ewvhafR8WY5x7796PYYowzFHq3OTyibiAbmxYWyNDXWrzz1YPlKicE663hZQxG5L0bX18DzSJtCUFDuPDx2HBjehBja_XTAojscJIex1P1ZbqHFPCPlkEbERpjM6vzHeGPXDfWnNqBh9iNrFjRVDU_qtSb5rG3FTAu-7osLNeOOGcTH2vT5xkXJQlKr8jgmKfY0rv4zG41KD-IfsS0RUOtdHtx5j4lopRbPDxUex0_GbUmJVI5NLAWEdTrnu1si4bGMLOxosx3x8mA37BCE3TF4c4Tjy0ms6R3MJvMmHIsUtpun4snPY8rQubunAQ-c-WUGzjx8nxH5XcLtN9OSM3ouGgywUzO1J50cK8aFiPj1DL4QPKHRYP_wmfFnuM33HH0D3szv7F4lRi5Cgf43N61naEpFQXF0FnH25yevI4jK_YGSS-5lh4mETfzlJuQpn2UJD-MPe4O6V1fzs__uJrnYxPHnvZyazw_8huKpELATuovVsv5GMiwT2iBo-aPnkIdBH9nqavYd80RTSATdNSKfrn7bVaGNKYeX65UmHC1UUxWvKsAuTMIDvXFyLLdbvkU-XnxhhyR5qhYId9VCqoMidWY-bQQkjHsBdDqrFR3KwqKa72PPxxzGsqQs-UDww4r_Gu_LTF059ZIscFSxsvmslPLyNS0qwYT8yG4jtWhVZb2MI082GFYI23FwOgMk2P-8ksQ8dWvF58FtBIJ_5dOF3g7TE6Ll03Ot_q4CbR0_3_CWERboe9zxV5khyAjMl7wuDU7tsxOZsnCaOiu4fSt1uRntbuHuTIM3u2-de7fCm4Cxip2mdjHT_qVlbM7gXrawAfLluugA0i3A2WfIVrDpZCO035zh2LK-wX8kgTHQrDItSpLGeLCGsdmeo_KASE-sXCZ82k9-u2hyzji460CigGbGDIg0x1pHxeNcoJXDfmZOzgveMDd234gibrVxfB23Bjic4zEvjjrMozB9YBZEFQMrBWBvpa7hfKQ5pimvjhddz9xwG6kBhsPY3Tpx1GrzeNWLV3sxgsVjTvBu8JDDwot8GVbAYl56R_jk1go3QFP4_AHtbYDqdl5wEVrX4UtA0YM6j1TlLGC9V_MWJYdvpNW9699RswgiWmulIk62idSodLfeqaYygmNCsQfuSs6YFL9cIT20pKUZyTGiC9vwhH8rXfz2C4WthE-0ItwBs5OIE-zkPob69OlPcRJB3Oi707PVZXrFwXw2x9ZfZhaf-1H7770Hs1yF353y5H35st9AGXm1FFKTeBGMLtwgXF_rL5snpoOuY55Dl0rIuJzJzjSu3E01tXxgkjOk3muAu95R71Qur5gnsXBz4TejNb4osN0oWjgdvsGWhdfzd7qVPgO71eA2Ott6LniUhLahlb8J1nguUbkluAONpbsM7MiNQ1CKmyDAp6tJyA16AZOlQmKiXFZVBjmypAGbQvUX8dNRV_PnTSZxLHwQYmc8TUhH9utaokEkRzqaJOI_n9dbxYyCNKn9cpq1N7NWplJBeW-VAnF57kSjJhDKH9-lE7EYf0zASMi1YG3GK_Hd2HAYulgFTzFjnJGUauoj4ezlcJc-A3BPOHiLDXqdmPPFUsIY8PE8p5XYCNTkUATH9gy-nN5AaeOFKIofEhnIGSUjuOik1Z_fC9M5Habf8OpGtXWyFqglrbjks6QcTHiEP1Zfr6DRCAzhp4a7jx62Ble17nqwRWEQ5HCqfDyoswKMT9rEGmJ6QQlKsOlCUfBsG2xlbPqD4KvSB3ode0KHKI1wc1-O5J36obJSEYNTFvtgaNhvE0D6VLVqdFaSPatoxGo2L46GEiKllJuiAMgROdqBTHiv6a3xJZndh-v_ae32agaV8-t8Gb_-3XQ3k8vB08RBgfnmsifIY0d4uJzZrkzcqpiBZNFBUW_lzaQN-_2mCMnAGsuRG409HppoKBOhwX1tP0Y0xlPJ1QfJKkTmyZJ8YcecVyciAI7iolSmQiCorqXkx8C_0yaXlNNSXZMYhOy3im9iyy5lcQH4_Nr0nvYZCURii1hTbPi2hePxW39V7FVqMRiyee3fUcezq5f8KKu2vEwGxhALGh-Wkn4Ob0jbH4wkIJJ-rFc3d1k0W2W4m2nBVr4TS42aDPUvDue4jdsB6KPJTSOn6Hrzo1z3LIOLG2aaAfLB13htUIZNIg6MqLFZGyaMz7Kkg7Xy96CTuY_kfs-A4a63B8PtuD79Spz1vbQV0-H-sR5TK8TyyikKDo8JMcaTzX-OoER0isMiY1SWfhF7cibwVNB269r_RxYs5hsQawlDw3v5RnyDkk5r1oBfjoPFd42tEztwVJZiV3gPlVuSW0MNWeK6XbkyW9lBKCJgEPOdWiabNBUIRbGRzABJQYANfy14r_jS8guV8FkYCrxnsUaQxyG2jGmdxjyuqe0fqAOb3rYTfaaHIgrC6eXoRgusA3QJ4W6wz-VkT8v6C8UDlLZWJ39r5GHo1tFndXrz6b7qgIyiS9hJqoU_D_OzhlP0WfPaYFeV0vNiIrfT5ZWliX_wNH8fm3tjiIJHYdmgLYHHU9xCSnw_rnTwtNGPLMJTQMGhdWD0uYyMlNcOO_ulbhwtALv00xuRM4YvCHN9Xm50i5bb7uXYEccWFH40hT3ULmOM21mBpd0ix9dzyw0J3A1v1ts0BKYK_so6kkFmBjChy&cid=CAQSPADq26N9BqYfGvRXRgslvQWjfPX8hyn3bKQ1AuH2GvoEa1RkD0dH-xBOLXlJTxFRQtM46BFo6Pmpszvz9BgBIA4&rfl=1%2Chttps%253A%252F%252Fab.ua%252F%240
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0ced42b12e2f7f73aef5499589fedaa109888f9f9cb823bc2aaa2be1a9e989c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34212
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D97 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAx2KMdkagjm8IqPperyRS8XJrxRTvgNkNbhB78L9L7hiV4jMAUFDuDtino6xUo9BOIzBz3sHVZ-sAmBg0AdTX8lp2iQEN_qUfshSNzcBXD1AOSSQ
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 8D97 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 12:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 12:32:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 8D97 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:14:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D97 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 17:40:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=4467494749477352&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8D97 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
Origin
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Oct 2022 10:24:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame 8D97 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARt577SmwnTL_evDhAfzuSZOhKBhfcr6Xog1AOWO52A_yAfROlzduE0RTQKoXr-pI0knrnFBxM6X4B2-hMYU-HwnCuvQ&cry=1&dbm_d=AKAmf-CHq7Xw_ssRsYXAmnv_xOmaCHylUOfslBGSBDGB0LQ1I_T0QTfexdsBzoh3k8HWPrlJay6QR9cA5xfbiKaRKMhUOUHezXUmK5CZQPeN7Et3Vx9QjLBJ6M82R3r590BFPyjaXmpt2cSorrBHwgz6xoOkZYn7om2q5Bl9mwC34rgtAiLVhhcyPNVZDGcFlE4hFh3c0PpYB99z-y8f7v-N00xzSI0bhc6_bCIOkANBLiCk3PK4IHjv-w9eHdSGDxsaLQx7JQEZh_73n7BsAjEfPf9HhTMa7QliTecuwGHWBVJI07_RrL8KkmsnnGr0dr9LhUj9pr2oHVfG6kKG32PjLZD4pkWYAVP-Fh7XZVc96VgXCQ2LUcx8HGl4KbSYSgZTNCQriBljwRaLWm1bvRFkpi_DlKABa-crDmVmpojnXd6BZgQo5EOlrNWFqxjUvr-sKEhmmQfRMMCtICgLP4q0hpqouesRc3TrGW5fxVVVfPJ4jeFiVrWtCJ6anbzfTYd1zwfUOSbnrROmwxnBz9y7K5C9Bq9JmGWXWB-vjVu0iUF1RyZqdG9pfurM7oA4_lE4dJDySL0Pdg4L0qxSorXM_8GyZvxhk26UkVDYaat5Yb0CYTJdh5mp9EP0-6FfIP8GWDIrhSvwRnLRI0BWNzLGyfCHgVYgpnTGwonld49ZBxVNDGgK4D2wurLnXBPfddYwCDmPLBM1fy2S0f_6T-SuCUu28irOkq0ztt_mbo2k3NFW0sp6VnOe2KdGTtEcLZ6N0s-VKtodjsOmI4QxmCt_ewvhafR8WY5x7796PYYowzFHq3OTyibiAbmxYWyNDXWrzz1YPlKicE663hZQxG5L0bX18DzSJtCUFDuPDx2HBjehBja_XTAojscJIex1P1ZbqHFPCPlkEbERpjM6vzHeGPXDfWnNqBh9iNrFjRVDU_qtSb5rG3FTAu-7osLNeOOGcTH2vT5xkXJQlKr8jgmKfY0rv4zG41KD-IfsS0RUOtdHtx5j4lopRbPDxUex0_GbUmJVI5NLAWEdTrnu1si4bGMLOxosx3x8mA37BCE3TF4c4Tjy0ms6R3MJvMmHIsUtpun4snPY8rQubunAQ-c-WUGzjx8nxH5XcLtN9OSM3ouGgywUzO1J50cK8aFiPj1DL4QPKHRYP_wmfFnuM33HH0D3szv7F4lRi5Cgf43N61naEpFQXF0FnH25yevI4jK_YGSS-5lh4mETfzlJuQpn2UJD-MPe4O6V1fzs__uJrnYxPHnvZyazw_8huKpELATuovVsv5GMiwT2iBo-aPnkIdBH9nqavYd80RTSATdNSKfrn7bVaGNKYeX65UmHC1UUxWvKsAuTMIDvXFyLLdbvkU-XnxhhyR5qhYId9VCqoMidWY-bQQkjHsBdDqrFR3KwqKa72PPxxzGsqQs-UDww4r_Gu_LTF059ZIscFSxsvmslPLyNS0qwYT8yG4jtWhVZb2MI082GFYI23FwOgMk2P-8ksQ8dWvF58FtBIJ_5dOF3g7TE6Ll03Ot_q4CbR0_3_CWERboe9zxV5khyAjMl7wuDU7tsxOZsnCaOiu4fSt1uRntbuHuTIM3u2-de7fCm4Cxip2mdjHT_qVlbM7gXrawAfLluugA0i3A2WfIVrDpZCO035zh2LK-wX8kgTHQrDItSpLGeLCGsdmeo_KASE-sXCZ82k9-u2hyzji460CigGbGDIg0x1pHxeNcoJXDfmZOzgveMDd234gibrVxfB23Bjic4zEvjjrMozB9YBZEFQMrBWBvpa7hfKQ5pimvjhddz9xwG6kBhsPY3Tpx1GrzeNWLV3sxgsVjTvBu8JDDwot8GVbAYl56R_jk1go3QFP4_AHtbYDqdl5wEVrX4UtA0YM6j1TlLGC9V_MWJYdvpNW9699RswgiWmulIk62idSodLfeqaYygmNCsQfuSs6YFL9cIT20pKUZyTGiC9vwhH8rXfz2C4WthE-0ItwBs5OIE-zkPob69OlPcRJB3Oi707PVZXrFwXw2x9ZfZhaf-1H7770Hs1yF353y5H35st9AGXm1FFKTeBGMLtwgXF_rL5snpoOuY55Dl0rIuJzJzjSu3E01tXxgkjOk3muAu95R71Qur5gnsXBz4TejNb4osN0oWjgdvsGWhdfzd7qVPgO71eA2Ott6LniUhLahlb8J1nguUbkluAONpbsM7MiNQ1CKmyDAp6tJyA16AZOlQmKiXFZVBjmypAGbQvUX8dNRV_PnTSZxLHwQYmc8TUhH9utaokEkRzqaJOI_n9dbxYyCNKn9cpq1N7NWplJBeW-VAnF57kSjJhDKH9-lE7EYf0zASMi1YG3GK_Hd2HAYulgFTzFjnJGUauoj4ezlcJc-A3BPOHiLDXqdmPPFUsIY8PE8p5XYCNTkUATH9gy-nN5AaeOFKIofEhnIGSUjuOik1Z_fC9M5Habf8OpGtXWyFqglrbjks6QcTHiEP1Zfr6DRCAzhp4a7jx62Ble17nqwRWEQ5HCqfDyoswKMT9rEGmJ6QQlKsOlCUfBsG2xlbPqD4KvSB3ode0KHKI1wc1-O5J36obJSEYNTFvtgaNhvE0D6VLVqdFaSPatoxGo2L46GEiKllJuiAMgROdqBTHiv6a3xJZndh-v_ae32agaV8-t8Gb_-3XQ3k8vB08RBgfnmsifIY0d4uJzZrkzcqpiBZNFBUW_lzaQN-_2mCMnAGsuRG409HppoKBOhwX1tP0Y0xlPJ1QfJKkTmyZJ8YcecVyciAI7iolSmQiCorqXkx8C_0yaXlNNSXZMYhOy3im9iyy5lcQH4_Nr0nvYZCURii1hTbPi2hePxW39V7FVqMRiyee3fUcezq5f8KKu2vEwGxhALGh-Wkn4Ob0jbH4wkIJJ-rFc3d1k0W2W4m2nBVr4TS42aDPUvDue4jdsB6KPJTSOn6Hrzo1z3LIOLG2aaAfLB13htUIZNIg6MqLFZGyaMz7Kkg7Xy96CTuY_kfs-A4a63B8PtuD79Spz1vbQV0-H-sR5TK8TyyikKDo8JMcaTzX-OoER0isMiY1SWfhF7cibwVNB269r_RxYs5hsQawlDw3v5RnyDkk5r1oBfjoPFd42tEztwVJZiV3gPlVuSW0MNWeK6XbkyW9lBKCJgEPOdWiabNBUIRbGRzABJQYANfy14r_jS8guV8FkYCrxnsUaQxyG2jGmdxjyuqe0fqAOb3rYTfaaHIgrC6eXoRgusA3QJ4W6wz-VkT8v6C8UDlLZWJ39r5GHo1tFndXrz6b7qgIyiS9hJqoU_D_OzhlP0WfPaYFeV0vNiIrfT5ZWliX_wNH8fm3tjiIJHYdmgLYHHU9xCSnw_rnTwtNGPLMJTQMGhdWD0uYyMlNcOO_ulbhwtALv00xuRM4YvCHN9Xm50i5bb7uXYEccWFH40hT3ULmOM21mBpd0ix9dzyw0J3A1v1ts0BKYK_so6kkFmBjChy&cid=CAQSPADq26N9BqYfGvRXRgslvQWjfPX8hyn3bKQ1AuH2GvoEa1RkD0dH-xBOLXlJTxFRQtM46BFo6Pmpszvz9BgBIA4&rfl=1%2Chttps%253A%252F%252Fab.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 16:56:19 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 8D97 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARt577SmwnTL_evDhAfzuSZOhKBhfcr6Xog1AOWO52A_yAfROlzduE0RTQKoXr-pI0knrnFBxM6X4B2-hMYU-HwnCuvQ&cry=1&dbm_d=AKAmf-CHq7Xw_ssRsYXAmnv_xOmaCHylUOfslBGSBDGB0LQ1I_T0QTfexdsBzoh3k8HWPrlJay6QR9cA5xfbiKaRKMhUOUHezXUmK5CZQPeN7Et3Vx9QjLBJ6M82R3r590BFPyjaXmpt2cSorrBHwgz6xoOkZYn7om2q5Bl9mwC34rgtAiLVhhcyPNVZDGcFlE4hFh3c0PpYB99z-y8f7v-N00xzSI0bhc6_bCIOkANBLiCk3PK4IHjv-w9eHdSGDxsaLQx7JQEZh_73n7BsAjEfPf9HhTMa7QliTecuwGHWBVJI07_RrL8KkmsnnGr0dr9LhUj9pr2oHVfG6kKG32PjLZD4pkWYAVP-Fh7XZVc96VgXCQ2LUcx8HGl4KbSYSgZTNCQriBljwRaLWm1bvRFkpi_DlKABa-crDmVmpojnXd6BZgQo5EOlrNWFqxjUvr-sKEhmmQfRMMCtICgLP4q0hpqouesRc3TrGW5fxVVVfPJ4jeFiVrWtCJ6anbzfTYd1zwfUOSbnrROmwxnBz9y7K5C9Bq9JmGWXWB-vjVu0iUF1RyZqdG9pfurM7oA4_lE4dJDySL0Pdg4L0qxSorXM_8GyZvxhk26UkVDYaat5Yb0CYTJdh5mp9EP0-6FfIP8GWDIrhSvwRnLRI0BWNzLGyfCHgVYgpnTGwonld49ZBxVNDGgK4D2wurLnXBPfddYwCDmPLBM1fy2S0f_6T-SuCUu28irOkq0ztt_mbo2k3NFW0sp6VnOe2KdGTtEcLZ6N0s-VKtodjsOmI4QxmCt_ewvhafR8WY5x7796PYYowzFHq3OTyibiAbmxYWyNDXWrzz1YPlKicE663hZQxG5L0bX18DzSJtCUFDuPDx2HBjehBja_XTAojscJIex1P1ZbqHFPCPlkEbERpjM6vzHeGPXDfWnNqBh9iNrFjRVDU_qtSb5rG3FTAu-7osLNeOOGcTH2vT5xkXJQlKr8jgmKfY0rv4zG41KD-IfsS0RUOtdHtx5j4lopRbPDxUex0_GbUmJVI5NLAWEdTrnu1si4bGMLOxosx3x8mA37BCE3TF4c4Tjy0ms6R3MJvMmHIsUtpun4snPY8rQubunAQ-c-WUGzjx8nxH5XcLtN9OSM3ouGgywUzO1J50cK8aFiPj1DL4QPKHRYP_wmfFnuM33HH0D3szv7F4lRi5Cgf43N61naEpFQXF0FnH25yevI4jK_YGSS-5lh4mETfzlJuQpn2UJD-MPe4O6V1fzs__uJrnYxPHnvZyazw_8huKpELATuovVsv5GMiwT2iBo-aPnkIdBH9nqavYd80RTSATdNSKfrn7bVaGNKYeX65UmHC1UUxWvKsAuTMIDvXFyLLdbvkU-XnxhhyR5qhYId9VCqoMidWY-bQQkjHsBdDqrFR3KwqKa72PPxxzGsqQs-UDww4r_Gu_LTF059ZIscFSxsvmslPLyNS0qwYT8yG4jtWhVZb2MI082GFYI23FwOgMk2P-8ksQ8dWvF58FtBIJ_5dOF3g7TE6Ll03Ot_q4CbR0_3_CWERboe9zxV5khyAjMl7wuDU7tsxOZsnCaOiu4fSt1uRntbuHuTIM3u2-de7fCm4Cxip2mdjHT_qVlbM7gXrawAfLluugA0i3A2WfIVrDpZCO035zh2LK-wX8kgTHQrDItSpLGeLCGsdmeo_KASE-sXCZ82k9-u2hyzji460CigGbGDIg0x1pHxeNcoJXDfmZOzgveMDd234gibrVxfB23Bjic4zEvjjrMozB9YBZEFQMrBWBvpa7hfKQ5pimvjhddz9xwG6kBhsPY3Tpx1GrzeNWLV3sxgsVjTvBu8JDDwot8GVbAYl56R_jk1go3QFP4_AHtbYDqdl5wEVrX4UtA0YM6j1TlLGC9V_MWJYdvpNW9699RswgiWmulIk62idSodLfeqaYygmNCsQfuSs6YFL9cIT20pKUZyTGiC9vwhH8rXfz2C4WthE-0ItwBs5OIE-zkPob69OlPcRJB3Oi707PVZXrFwXw2x9ZfZhaf-1H7770Hs1yF353y5H35st9AGXm1FFKTeBGMLtwgXF_rL5snpoOuY55Dl0rIuJzJzjSu3E01tXxgkjOk3muAu95R71Qur5gnsXBz4TejNb4osN0oWjgdvsGWhdfzd7qVPgO71eA2Ott6LniUhLahlb8J1nguUbkluAONpbsM7MiNQ1CKmyDAp6tJyA16AZOlQmKiXFZVBjmypAGbQvUX8dNRV_PnTSZxLHwQYmc8TUhH9utaokEkRzqaJOI_n9dbxYyCNKn9cpq1N7NWplJBeW-VAnF57kSjJhDKH9-lE7EYf0zASMi1YG3GK_Hd2HAYulgFTzFjnJGUauoj4ezlcJc-A3BPOHiLDXqdmPPFUsIY8PE8p5XYCNTkUATH9gy-nN5AaeOFKIofEhnIGSUjuOik1Z_fC9M5Habf8OpGtXWyFqglrbjks6QcTHiEP1Zfr6DRCAzhp4a7jx62Ble17nqwRWEQ5HCqfDyoswKMT9rEGmJ6QQlKsOlCUfBsG2xlbPqD4KvSB3ode0KHKI1wc1-O5J36obJSEYNTFvtgaNhvE0D6VLVqdFaSPatoxGo2L46GEiKllJuiAMgROdqBTHiv6a3xJZndh-v_ae32agaV8-t8Gb_-3XQ3k8vB08RBgfnmsifIY0d4uJzZrkzcqpiBZNFBUW_lzaQN-_2mCMnAGsuRG409HppoKBOhwX1tP0Y0xlPJ1QfJKkTmyZJ8YcecVyciAI7iolSmQiCorqXkx8C_0yaXlNNSXZMYhOy3im9iyy5lcQH4_Nr0nvYZCURii1hTbPi2hePxW39V7FVqMRiyee3fUcezq5f8KKu2vEwGxhALGh-Wkn4Ob0jbH4wkIJJ-rFc3d1k0W2W4m2nBVr4TS42aDPUvDue4jdsB6KPJTSOn6Hrzo1z3LIOLG2aaAfLB13htUIZNIg6MqLFZGyaMz7Kkg7Xy96CTuY_kfs-A4a63B8PtuD79Spz1vbQV0-H-sR5TK8TyyikKDo8JMcaTzX-OoER0isMiY1SWfhF7cibwVNB269r_RxYs5hsQawlDw3v5RnyDkk5r1oBfjoPFd42tEztwVJZiV3gPlVuSW0MNWeK6XbkyW9lBKCJgEPOdWiabNBUIRbGRzABJQYANfy14r_jS8guV8FkYCrxnsUaQxyG2jGmdxjyuqe0fqAOb3rYTfaaHIgrC6eXoRgusA3QJ4W6wz-VkT8v6C8UDlLZWJ39r5GHo1tFndXrz6b7qgIyiS9hJqoU_D_OzhlP0WfPaYFeV0vNiIrfT5ZWliX_wNH8fm3tjiIJHYdmgLYHHU9xCSnw_rnTwtNGPLMJTQMGhdWD0uYyMlNcOO_ulbhwtALv00xuRM4YvCHN9Xm50i5bb7uXYEccWFH40hT3ULmOM21mBpd0ix9dzyw0J3A1v1ts0BKYK_so6kkFmBjChy&cid=CAQSPADq26N9BqYfGvRXRgslvQWjfPX8hyn3bKQ1AuH2GvoEa1RkD0dH-xBOLXlJTxFRQtM46BFo6Pmpszvz9BgBIA4&rfl=1%2Chttps%253A%252F%252Fab.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:34:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8D97 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 17:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 17:48:08 GMT
truncated
/ Frame 8D97 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6aa8f830f4c7c5cea8625d97ec22a2bad9bcea915c87582ef5e9dec5583e623

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E9F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
255671
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:39:01 GMT
expires
Thu, 19 Oct 2023 18:39:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 9E9F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 05:55:45 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462905/hb_305157_6807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Oct 2022 17:40:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDJv8_CpUY_HYINzA9u8Pg_aF0AoAAAAAOAHgBAI&bg=!MTKlMnbNAAaaxvStusY7ACkAdvg8WgOA5aCGF6u8aAM1ti7eXTwQpDjaaUFUcSGmCVpidbFO2onAWwIAAABxUgAAAAJoAQeZAuHhAZixDkhm1BZoJaiUNX9GVisD6voQ1K04Ldc7IM-zPD26vKhh0Hk3s74yba6jRwDCOdOMVIdl-MQPtEHKC33O7R2HmEoL4jw8ekHyR9EG7qebsgHen18KMFPiToK6T5Wfhq7GQdFe3OBSve_a4NMLOGsA7fTL1XknxvpKoV6kTCXPme9IXrYu_y_xe_HQuar2RElQ5RlfAOWTcDDCrTrXfD5l6ssboCcbKVBa0FiPn-yVqVVXAfQbvps-sPWZ3iJUucB1yT7w7Q6Srhl1xVeNsA1CHV4ET0p-45iXc4WkkJ3_EEwF4o8D44_N1qb0Bc3AfuR9918YKPBbnmjiF9TF5flBFbbvtFOuJDPNWavPr6NkItsQW-pcwLQfkelGSOZ7ws6RE4uyUxZ9trfaTKsKBcXrwBrcXv4HHb1ykSHuYSf5668eR5I_8IYBr8HYkPSCxc7DiSLTcS8CoiviahxPx2QiqDGeYPRYnrerWEy_1_csvRRuO1I5bdQk13zVUe-vMtUUEIc9kFXTmtmijMS0uWRuNkM2zcoYK-1xdef4LGoDIVBD-v9-RYy7YX1fjq-SCxEUkuaHcNfCMfvKl6bWrEipTC2SOyVBfpaf_qCl556veJONIcTnb_Z6_y_nIE5PDLZja9Fjtg8u51equQX8XX_E4bgMHIHRdZgrT8rApvMfxZW8fCKrhqeJT19M8tkWI8bpMU022fHrSgLSA9KWAMSDScfqn19y392Z_E_yDeSdxsN2k2lbJey_Ll0LNCDiP0Fs9EgYAtLi4gIkYnnvT8mBUsldfHK0IQIap4d-OmvEFUL2oxYj1Pua2di7HQYbHpt08F3xpYcIhgu2OzbdHoig9t7-d3Q6mUwYhJJeCtzWmRnJ4Or4Ice6emgZ_vEzRGd4f77cZUU6eApqEbxJTuyqsUizSeEHTWF2F_nG-bcIq9z3jsK7AttpnWlpzK8nrN-HwhL_9kStkJJyJjD4OA
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ede92e373061b47484fc03b8f2cc0a150b07e008af0fb832ed483ab85dcb54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
523317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5936
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 16:18:16 GMT
expires
Mon, 16 Oct 2023 16:18:16 GMT
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8D97 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstffm__ECWdAXPtPbq4qqxAjIGZnYWpAdkXfbUL2hZpHYMBBQIoVkDSkIw74xxzxrOZUgl1UaJPEqCo0Al5lgB1hIHHwN5Bpxu7HGRsVgNAzM0NFx-SljMUGBHR7pHDCEeJMjakX0rBMJ2xk_HZpQG2iNizGOH5pLmR2d0kORp5exIlUMJR1gtAXRRJtJ4_avErDOWcx-AzZ55azhepBjEufkXM2fLHGPUPmoEahlr95D0XFBhjNQqk5r21y-6iC3Vszne1Bvzl3iJt4JmlwaPpV-4s-uM36OwGNfyVHjUCOazCkkJr3S3S72PtrYxtoujXwBBfiJjAW2InU67kIJoHv6eumFKZ3HLWgvkgLWka1C0Wpb-L95aJVoKSDA0StE8LlEQL0d0XLw6wSUe80K3VRVlAO3VauTzwwSXDSjngXqLvT5c9cnZUzvrz0ukV2OU0AJkXfKQk3Az5OiN6U9U8N-uIe0C1GjRA6vS5DOHR4cHjeLFuz7SBudIGPHW_O7RggXhwUA7AC1tgHR0K5ieHq-ql5psHWyTqp41tz1WYDUhkquKer3DCUFE82NMAOHWi7w0uQdFTm0YBFyf6fzHPv4YXpJ5537iDaVOPVoGSVrtyL-hBo95OJWrCpGasIT3e_KjUWkJcB9ZUNIzVywKVm6SWeCB0jfPswwtKfX73HS_tP8n0F98PbekY78Td_kFHRSMS0fvnM75TabXIzrugPGgOwILtWwqzjixlFjoLd4gmyO9lGv0rqcvK3901UORc0xP6gkEDgFxjqyPDIs5rrgw1E3isnQ5iCiMm_5A8-Cfu2byE2mV0eOo5YI1V6rjYuNSNowW1lKjAxqyVj1LFXWE-SuYiorV4Ev6kPx4cRspm0g2hcY6vtucJLxeJVrmC2ygXUZw0PjdrAJ_MRhjVZFR5g6L6Jlv4XPNVzzD1K10gciwi2GiDwdf14UCF8fwc8VBOJbEbYst1gQdszwJpZ1Bl3qhF9VopB49XXTszBHGvcCSOtJCrDAt2Z_GHMJcd7BAXfrTezwrw10Vh0y7SvrVEJRT02JyoYFoX0eJNATKAXrSxMoIPht4O6_hG8_k5oMKFdJxnd1R9UBkzEgnSPvwbfQL736tAkCBSNQeh67cwrfqkqgkUOmwW_X3xSnxpBLnB8_X6K94E7Y8kyHj0QL45IRb3SV5b7m7BFpePj28YPNZVYuxOCpAoLKlUpKxE2nHsItE6mez9oaFO&sai=AMfl-YQnebJ7_a2HCvsnBLDEvuAfWlkqECpiXkQrgLvKw-XWd-s8tA3vmbbVWXlSpJgU2XdtNIvU7C-_D_DklxAPDkATiyaA8vBxjngCC0kq8jDN8vMHDZ3O-X4lsaZbwmiytZuRQrS-NbeQvBImul0ckUR4vJVrpFIyDn9vIstRLKA2g83Fr6NZRaYMxAA0iqoX35csEnOHTg6l6RNho_g46YwHwMLeGYC-igObgbd5Bve9D-CEfr--m4XmNLEtX-Dyqx4BH8-ucuMv2w&sig=Cg0ArKJSzGB6FCY_SKlSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=390&cbvp=1&cstd=386&cisv=r20221019.90305&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 22 Oct 2022 17:40:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 675F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=4467494749477352&bg=!6uml6a3NAAaaxvStusY7ACkAdvg8WhGkAjBcdeyopsRe0JqxtR38vRjvrczSq0KV2ucgmFkgBooMKAIAAACHUgAAAARoAQcKAMYzcl4pW_bwh46_I4YPqEwmFBjyzXH0OVG9YSW3OknGzJhUBAbRneKcAuaXHMRqEIinC627swloLeFE16ACirzx9mg41oRQYwNRq1fu3uN1YVsBbP0MO5qtMchxCGN0yq5mbDz12eJ3fMbLie1s_IXjflENg5R20kHOnt-sAaqvuaW1BpGhFogm7AGtbLjSEeALU-aZ9v3r49j3tPaDcXxGtd8_08GuuPpbx6PAXlzKp_DFe12bsECKcOfxHuYnUgSkzUIQBoiZArWmUSIP8bipF1TmY96rD-K7e-N1E9h03ex-iimwILy7BJl9eSA9YvwB5O9eXP17WsOat5chSLezc9P2joyzqMWU3chWxogjY__EbZEF4V53QIgV_WqAn73cJ_4auT3Jkx04j9DkvnX_eywWIL8ZYIXnyadRsyX1saHx6lMU9kXoLF43nKdrVEPe65CLVcqrUNb5F-ygEy47_wjpx_nc7iSWKAgSAVpHsCmVoRHh7_iFGGp9AmIDENFddzx8a-QJ8rgxBzFczq6uhuEABHBXXUgU0MVBpKfgbN9J_7_OErroKI8eNmSKVDD7D7HA1M_yC_4gG6u6-X0Q-zvoeb9xc1_ej3BQPWX6ys7_eBIUt6-qD828a_DBGu00n_9aFKPjvA71ylcA0KZigS-AavQWxi91WOjBl_tNJ6TeTtxftT9SKVWQ1EPlKyID56AVYeUAk3HOu64aLsYpDY-o5unQ8e_mINeuCV3OZSqWz6deYSvrFDarVCtwo4B1f76ExCR4lHyablK0CgOrcAC1BYVqaeoOiDj8r-mayKJrWOJbuu4a7g1QXyXCu6d5wxSoB6k-_GLg-OXKkqc_YDFpTGSIbWuEgl1vF54TpIr9t9ypkuGRe57OrKOq9keM-nDJryJvxxI52SxwaE_jvDh2zRPHy1nsrlilhM2qzc-dyd17LAbLBRS2m7WoUMaCNPj22BnyBXRH0xjaOtpqNj8jjij3UvuzkpAz-WTx4Je5Dqd-5JCS1LZ3yKKDBOzw2ZKGFtuoSsW2eLt5Z0w_a4_CaLs3fpY392-MjtM0PqzacTQDXdp_bDwEtfVdtaynDKhBic4xRsXCdXe4FiyEZnaUl9elD76z9aDgyb2DcCXhZaw9LlppS6k6EGTT7JpFrWXOzFRI23c5st7U38SQHm8LwNJGM5brN-dzID4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame 1248 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ab.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ab.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 17:40:12 GMT
server
Kestrel
server-processing-duration-in-ticks
601695
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ab.ua
URL: https://ab.ua/assets/vendor.983efe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Oct 2022 17:40:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 63AA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWdXSKvN1oZaJgZ1T3e9QXEhR0PUiGUt6Cl0Wf5CgoU8gr8c2j3RooxKHC8or1PEBlJbVP8-BlgpNtkqxAMhoW0y9IAAfN8132vvQ0iYpofqKC9TVTJWaB_CD41aLb19qx_9mzlkbHhTEfjKoQnXUn3WS3ECxhspBd&sai=AMfl-YSIwIrcExTPIkpl5qjp0ltx0dNMTSuuQMCzn_jFNsY8khixGwo7ytcqwtvXb7p2Z3_rTwUJYisE_g4M3TVKQAv143ArSg5-6CA-Lw&sig=Cg0ArKJSzMSpmu4nfkG8EAE&cid=CAQSKQDq26N9kZLLxOuO4SFiIB9WZga7V_NdO-LVG638Evs1PWLT9UaFjbzBGAEgDg&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=283281734&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666460411065&rpt=873&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 19D1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxheG-RgrbpobxYUcVWaQ3_MRkaj4-lQvb-6SfwHeMstuAp5Qg2SaDBMtmy4nNfdj9Z0jOBI_Q-wUQ3lxkZaaTlrUqPAfm28Revqs3oNSY0KBLVsmkKzel99N_ly9dJfS-_nRf5A&sai=AMfl-YRr8nDN-vSpuV73QKVK94i265oXx7c55Q4YwflyAATdcRJAqqs9M_MW9fKWd9J13AvhsnzZ10HFDu0a3Bcw7IcIudW43Kxd9eVesQ&sig=Cg0ArKJSzIuveFFVfVo7EAE&cid=CAQSKQDq26N9Vqg4vTrQYgzUHhz5AfSYnLk2waTyfpoMt_eS0lSwzd0f8p0VGAEgDg&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=699258113&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666460411055&rpt=662&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 1248
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ab.ua&sn=ChromeSyncframe&so=0&topUrl=ab.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=MN2XcnxZTGxXN0g0cDZhRjJoRk5IU2EwSnVvVjhnSTVNbXhNT0xuZUVWdEFWUDY1UUw0ZC8rREFmVHlyMENhendIRFRheW9kQVI4a0hrUm5rbkJwZlkrT2plMzV6UnRMcVZkNGJIM3c1aUY4SUd6WDZCeWlKSFBSd2pqcW...
425 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MN2XcnxZTGxXN0g0cDZhRjJoRk5IU2EwSnVvVjhnSTVNbXhNT0xuZUVWdEFWUDY1UUw0ZC8rREFmVHlyMENhendIRFRheW9kQVI4a0hrUm5rbkJwZlkrT2plMzV6UnRMcVZkNGJIM3c1aUY4SUd6WDZCeWlKSFBSd2pqcWdGMS9mRDRJNFhwcHAveE5EZXBFbnQyS3hKekJ3enRTWXF5SERYUUkyNEZCMFUyRmw2MUZ1ZUhxcUluc3NZT0dDVWxub2VBL3pWcnkrdWRPK2VtMDcxVk9COE56NjJUaVp2UEd3VFVTdjVFd1RVTGxaUUFzSFFCNFNaMUpGTDlpQU42Ykd1RlY5c3cvQTJIQkR0Z0hrS2xZaWtmd1pvZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
52cfdc36476dee8eadb14dc8f5cb887986eddbf6cc69d79384037bf3adb1e5aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2507576
expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=MN2XcnxZTGxXN0g0cDZhRjJoRk5IU2EwSnVvVjhnSTVNbXhNT0xuZUVWdEFWUDY1UUw0ZC8rREFmVHlyMENhendIRFRheW9kQVI4a0hrUm5rbkJwZlkrT2plMzV6UnRMcVZkNGJIM3c1aUY4SUd6WDZCeWlKSFBSd2pqcWdGMS9mRDRJNFhwcHAveE5EZXBFbnQyS3hKekJ3enRTWXF5SERYUUkyNEZCMFUyRmw2MUZ1ZUhxcUluc3NZT0dDVWxub2VBL3pWcnkrdWRPK2VtMDcxVk9COE56NjJUaVp2UEd3VFVTdjVFd1RVTGxaUUFzSFFCNFNaMUpGTDlpQU42Ykd1RlY5c3cvQTJIQkR0Z0hrS2xZaWtmd1pvZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
575718
content-length
0
expires
0
adltl.js
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/adltl.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a40cdfcc8358c05e855e0514253b8e2b0795150b028e026dfd6e82bf451e74c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 04:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10777
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Oct 2023 04:39:41 GMT
adl.css
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		3 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/adl.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92403
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
956
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 16:00:10 GMT
1125_16542675305957.woff
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/1125_16542675305957.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8402c7dfbfabc5ff83157a8213d123aa110ffe664ba7b611e5e0e4e0d7ac29d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:00:11 GMT
x-content-type-options
nosniff
age
92402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4804
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 16:00:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8D97 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxI_8wnr-PyizC0sKmIm9CkLZX-a9QGl-CLDX-P5vbo4VO1sMpm-h-g0J2A_5EIAdEvJC3VWxqhZSrnjsAF81UR6ELpvI5LHXallbgVfA2OhHJJbD1z-uSZWz2d9CgNbO6lBOj0g&sai=AMfl-YQidbEj1jOPh63A3sdZkifjeUrP3uCO78FRkGDKZ_c5h0SZHBLrIvTEW7p3XkA1K73YqUVydKTGSRPf4PHVkD8RNts7ZCZUvQ6uFM7wJlk_XX67zTTKsOpyXDc8dYE&sig=Cg0ArKJSzIltRPG54VNTEAE&cid=CAQSPADq26N9BqYfGvRXRgslvQWjfPX8hyn3bKQ1AuH2GvoEa1RkD0dH-xBOLXlJTxFRQtM46BFo6Pmpszvz9BgBIA4&id=lidar2&mcvt=1116&p=642,1034,1242,1334&mtos=0,1116,1116,1116,1116&tos=0,1116,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=103610846&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666460412460&rpt=406&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 17:40:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1624967331.2899.png
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		229 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/1624967331.2899.png
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c72284b6c8eac32df87566950180e1725f16c3b4941a606c64d7a8068b8073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 05:37:56 GMT
x-content-type-options
nosniff
age
129738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 05:37:56 GMT
1622636136.4958.svg
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		417 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/1622636136.4958.svg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ba8700fdd425748533bf1ee4ccd89d4012dfebcd7b61d54f87d0d0e952b8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 16:00:12 GMT
1622636136.5185.svg
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		420 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/1622636136.5185.svg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef04ebd34f9d837413d0e44f7d8d778bf95a76119dfa0cd85d646306c531d430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 01:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Oct 2023 01:16:24 GMT
1622636136.4741.svg
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		483 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/1622636136.4741.svg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9650564960002c3a6b463e0c895f6faa3c65690a9870ea8cfa8c3811a6b2ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
353
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 16:00:12 GMT
1622636275.7439.svg
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		486 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/1622636275.7439.svg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7dcc07d397d0bf3aa1a918b78217d7ec794a40d776abd2286a77864d23c8f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
356
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 16:00:12 GMT
268_dc53990538f903257624774defeadbdb25e0d8bf_s12c-258_1651663369.7518.jpg
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/268_dc53990538f903257624774defeadbdb25e0d8bf_s12c-258_1651663369.7518.jpg
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6947abb443cf576e2c7f8e8398e725859968a3c398baee01c4a5903deffe35e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 04:39:41 GMT
x-content-type-options
nosniff
age
219633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50690
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Oct 2023 04:39:41 GMT
blank.gif
s0.2mdn.net/sadbundle/13069905879459432758/ Frame 71D5 		49 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13069905879459432758/blank.gif
Requested by
Host: fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
URL: https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83c1557c34311ed7a1ee2b470dfc813264effb811c2acfbc9609851a406bc178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13069905879459432758/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:00:12 GMT
x-content-type-options
nosniff
age
92402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 14:45:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 16:00:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8D97 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstffm__ECWdAXPtPbq4qqxAjIGZnYWpAdkXfbUL2hZpHYMBBQIoVkDSkIw74xxzxrOZUgl1UaJPEqCo0Al5lgB1hIHHwN5Bpxu7HGRsVgNAzM0NFx-SljMUGBHR7pHDCEeJMjakX0rBMJ2xk_HZpQG2iNizGOH5pLmR2d0kORp5exIlUMJR1gtAXRRJtJ4_avErDOWcx-AzZ55azhepBjEufkXM2fLHGPUPmoEahlr95D0XFBhjNQqk5r21y-6iC3Vszne1Bvzl3iJt4JmlwaPpV-4s-uM36OwGNfyVHjUCOazCkkJr3S3S72PtrYxtoujXwBBfiJjAW2InU67kIJoHv6eumFKZ3HLWgvkgLWka1C0Wpb-L95aJVoKSDA0StE8LlEQL0d0XLw6wSUe80K3VRVlAO3VauTzwwSXDSjngXqLvT5c9cnZUzvrz0ukV2OU0AJkXfKQk3Az5OiN6U9U8N-uIe0C1GjRA6vS5DOHR4cHjeLFuz7SBudIGPHW_O7RggXhwUA7AC1tgHR0K5ieHq-ql5psHWyTqp41tz1WYDUhkquKer3DCUFE82NMAOHWi7w0uQdFTm0YBFyf6fzHPv4YXpJ5537iDaVOPVoGSVrtyL-hBo95OJWrCpGasIT3e_KjUWkJcB9ZUNIzVywKVm6SWeCB0jfPswwtKfX73HS_tP8n0F98PbekY78Td_kFHRSMS0fvnM75TabXIzrugPGgOwILtWwqzjixlFjoLd4gmyO9lGv0rqcvK3901UORc0xP6gkEDgFxjqyPDIs5rrgw1E3isnQ5iCiMm_5A8-Cfu2byE2mV0eOo5YI1V6rjYuNSNowW1lKjAxqyVj1LFXWE-SuYiorV4Ev6kPx4cRspm0g2hcY6vtucJLxeJVrmC2ygXUZw0PjdrAJ_MRhjVZFR5g6L6Jlv4XPNVzzD1K10gciwi2GiDwdf14UCF8fwc8VBOJbEbYst1gQdszwJpZ1Bl3qhF9VopB49XXTszBHGvcCSOtJCrDAt2Z_GHMJcd7BAXfrTezwrw10Vh0y7SvrVEJRT02JyoYFoX0eJNATKAXrSxMoIPht4O6_hG8_k5oMKFdJxnd1R9UBkzEgnSPvwbfQL736tAkCBSNQeh67cwrfqkqgkUOmwW_X3xSnxpBLnB8_X6K94E7Y8kyHj0QL45IRb3SV5b7m7BFpePj28YPNZVYuxOCpAoLKlUpKxE2nHsItE6mez9oaFO&sai=AMfl-YQnebJ7_a2HCvsnBLDEvuAfWlkqECpiXkQrgLvKw-XWd-s8tA3vmbbVWXlSpJgU2XdtNIvU7C-_D_DklxAPDkATiyaA8vBxjngCC0kq8jDN8vMHDZ3O-X4lsaZbwmiytZuRQrS-NbeQvBImul0ckUR4vJVrpFIyDn9vIstRLKA2g83Fr6NZRaYMxAA0iqoX35csEnOHTg6l6RNho_g46YwHwMLeGYC-igObgbd5Bve9D-CEfr--m4XmNLEtX-Dyqx4BH8-ucuMv2w&sig=Cg0ArKJSzGB6FCY_SKlSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1531&vt=11&dtpt=1141&dett=3&cstd=386&cisv=r20221019.90305&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ab.ua
URL: https://ab.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 17:40:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connector.finup.lv
URL
https://connector.finup.lv/connector_6eca6bd211524687.js
Domain
markup.server.retentioneering.com
URL
https://markup.server.retentioneering.com/api/sites/10/collections
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga string| gacode string| APPLENS_PAGE_CATEGORY function| loadDeferredStyles function| raf object| dataLayer function| fbq function| _fbq object| App function| initReteTracker function| ReteTracker object| reteTracker boolean| __RETE_INIT__ function| getAnnual object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ipsp function| $oplata function| addListener function| camelCase function| isObject function| isRegexp function| isArguments function| isError function| isArray function| isDate function| isString function| isNumber function| isBoolean function| isElement function| getType function| popupBlocker function| prepareFormData function| Class object| pubsub function| domReady function| Module function| Connector function| __DEFAULTCALLBACK__ function| Checkout function| MobilePay object| recaptcha object| closure_lm_179509 object| google_tag_data object| gaplugins object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle function| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ object| AbStor object| googletag object| vmpbjs object| vpb object| __cfBeacon string| google_user_agent_client_hint object| google_tag_manager object| gaGlobal object| gaData function| hj object| _hjSettings object| google_optimize object| vmpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| GoogleGcLKhOms function| $ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding object| banner7742_88767903299972620 object| Criteo object| ap_br_img number| k object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

40 Cookies

Domain/Path Name / Value
.server.retentioneering.com/ Name: reuseridx
Value: wKgqm2NUKvZxewAfI+UBAg==
ab.ua/ Name: reuserid
Value: d40b9d1c-a29a-482a-8f64-bdd06b591030
.ab.ua/ Name: _fbp
Value: fb.1.1666460406528.162475577
ab.ua/ Name: rete-force-tracking
Value: true
.ab.ua/ Name: _ga
Value: GA1.2.2133675183.1666460407
.ab.ua/ Name: _gid
Value: GA1.2.1794283272.1666460407
.ab.ua/ Name: _dc_gtm_UA-38995824-6
Value: 1
.ab.ua/ Name: __gpi
Value: UID=00000b76b05578c8:T=1666460407:RT=1666460407:S=ALNI_MYrX26jHNV24YKA4k-NtlCInbP1NQ
.ab.ua/ Name: __cf_bm
Value: g97r86NttcMyBU9D8vQ8uX4M.3eG7WaVkI1QUWz7mBU-1666460408-0-AfsHxMeyUs8dSooGeuqsMDzLVw9nn86IWORhYcN/QTSUUUFSDQ/PZ1dM4Io4I1nwrd0Bk+cWY+QExuaIHggIVn7jt4pL/bVjQ564XfLlO8NmptWjuB8MZk9f6O3WOlxc2Q==
.ab.ua/ Name: _hjSessionUser_2425535
Value: eyJpZCI6IjQ2ODVmMDZmLWU3ODAtNTY3My1hN2M2LWJjZjhhZDNhMDAxOSIsImNyZWF0ZWQiOjE2NjY0NjA0MDgyMTAsImV4aXN0aW5nIjpmYWxzZX0=
.ab.ua/ Name: _hjFirstSeen
Value: 1
ab.ua/ Name: _hjIncludedInSessionSample
Value: 0
.ab.ua/ Name: _hjSession_2425535
Value: eyJpZCI6IjM4NWQyM2JhLTNjYTUtNDdjNi1hMDA5LTk0ZmZhMWQxZWRiMCIsImNyZWF0ZWQiOjE2NjY0NjA0MDgyNzEsImluU2FtcGxlIjpmYWxzZX0=
.ab.ua/ Name: _hjAbsoluteSessionInProgress
Value: 0
.mfadsrvr.com/ Name: tuuid
Value: 076d8fd6-40bd-478e-9a8c-ef66a3e5d807
.mfadsrvr.com/ Name: c
Value: 1666460408
.mfadsrvr.com/ Name: tuuid_lu
Value: 1666460408
a4p.adpartner.pro/ Name: apuid
Value: b867668e-ec2e-4047-a84d-d4efd7219121
.mfadsrvr.com/ Name: ssh
Value: !adtelligent,1666460408
.adtelligent.com/ Name: vmuid
Value: c35d0b51e652b554
.adtelligent.com/ Name: a736011
Value: 076d8fd6-40bd-478e-9a8c-ef66a3e5d807
.adtelligent.com/ Name: a307558
Value: b867668e-ec2e-4047-a84d-d4efd7219121
.creativecdn.com/ Name: u
Value: tJbJFjuUm5ap8gkdqvVS
.creativecdn.com/ Name: ts
Value: 1666460409
ab.ua/ Name: _pbjs_userid_consent_data
Value: 2024371239917068
.ab.ua/ Name: _pubcid
Value: 2dc35aba-5a8f-4e0b-b89d-6060b2b1697a
ab.ua/ Name: session_id
Value: 00fe3c69-37f2-4b00-bae7-cbbca0365e1e
ab.ua/ Name: session_pageview
Value: 1666460410.1
ab.ua/ Name: site_visited
Value: 1666546810.1
.doubleclick.net/ Name: IDE
Value: AHWqTUlmbnLuAfC0vmBdIfVGXcCT4f8u_Zw7WRaBw5nedBUfjDBFi7WUVrY3UEGe6fY
a4p.adpartner.pro/ Name: apudmg
Value: 1
ab.ua/ Name: lapuid
Value: b867668e-ec2e-4047-a84d-d4efd7219121
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: FhlEuBZHyEqgOj0jTqikrnW4
.openx.net/ Name: i
Value: 2dc35aba-5a8f-4e0b-b89d-6060b2b1697a|1666460410
.rubiconproject.com/ Name: khaos
Value: L9K7I2KJ-L-FSXV
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoDkHN14g9PzfsKGGM1eolu5vVtDhgOVUN0kTU4st2MuTKDytwoNnkYt7RIpbk+ek0x+FptCLf6SuZKrRny8DY/
.ab.ua/ Name: __gads
Value: ID=bdb4ce4d0656104e:T=1666460407:S=ALNI_MbNW-mDl8uG9xTyCjFY6P0K9AoSew
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 33a5714c-e8c3-4f35-b589-9ada2ef39965

2 Console Messages

Source Level URL
Text
network error URL: https://connector.finup.lv/connector_6eca6bd211524687.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://markup.server.retentioneering.com/api/sites/10/collections
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ab.ua
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ap.lijit.com
api.fondy.eu
bidder.criteo.com
c2shb.ssp.yahoo.com
cloudflareinsights.com
cm.creativecdn.com
cm.g.doubleclick.net
connect.facebook.net
connector.finup.lv
creativecdn.com
csync.loopme.me
d1672trkrgk4ug.cloudfront.net
fastlane.rubiconproject.com
fe47e0f0807264f1ef2c28890517ebf8.safeframe.googlesyndication.com
file.adpartner.pro
fledge-eu.creativecdn.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
markup.server.retentioneering.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
rtb.mfadsrvr.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
static.hotjar.com
static.server.retentioneering.com
stats.g.doubleclick.net
sync.adtelligent.com
tpc.googlesyndication.com
ulf24.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
connector.finup.lv
markup.server.retentioneering.com
www.google-analytics.com
104.16.57.101
142.250.181.226
142.250.186.136
142.250.186.162
178.250.2.146
18.66.147.116
18.66.97.53
182.161.74.18
185.184.8.90
185.233.41.109
185.64.189.112
216.52.2.30
2600:9000:2261:4e00:a:7aac:6200:21
2602:803:c003:200::31
2606:4700:20::ac43:491c
2606:4700::6810:3865
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
2a0c:5c81:5142::2
35.157.246.167
35.214.174.31
35.244.159.8
45.133.44.3
51.38.120.206
52.222.236.63
52.31.142.134
52.59.108.23
54.38.197.123
62.149.1.122
75.2.35.182
77.123.132.26
0000654a8883e04eaee55c2ff2cc6fe5b00cd1bf3a8e152d9af73159ce23cfff
06052921b1401a415914b59f82b0e37fb3dfe60860bd96ef4c804880d2fc191f
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0a4fb3c21f8e79db3cb147729df83e213cd1029373a10b975ea7505e6498513f
0acfaa714fe8f812c7c2babb8fc824af79f4645198442ca042b8d250efa2b59b
0b44759160317999c484b07133691048a70a417897278beb0da0f9e2e28dfe79
0ede92e373061b47484fc03b8f2cc0a150b07e008af0fb832ed483ab85dcb54a
0f3d0fd852e148833f62ecf97593cbdcbbc668445dd77353eb39533482b090d1
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
107a61a38acf30e247d685f957b6ca36bc84654cace1a74a2ac7218caf527d3c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a33d903bf93c65fb23bbeca706ca3d5986b28a256207b89a4b922f37358de5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d622a47bb69b0c7cb8d98d125f403d98eecd41843273cf7b359fd696a859dd9
1dca53932dabb4c6d8c9da93ae4fd74fac7228ced518635b40c90efe6e3e590a
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
1f195c497f07ff49797bdfda762ca24d58f2e11683377435c2d948637018d464
202a34ffa273702ea80686b2f8a1d0ff9bd1169c54dd1578afce8038654baaf1
22a726b061b7cbfbdc336d5b8e1b57189f692caa889b0024157729465cfd6b23
255d63e1a658931e83c9f964367be4205c651e6c234f278b31a03588b8fe4f57
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269ba257610b7fe153a22b5aec51b4e44db1d668747af22fc10136e3c5dff08f
26cf9bc8786b3b516cf9a9504187a1f00d48730c572a8348b912abe4189a2cdf
28041ec86429388461ba8c6cbfe0cad5ea1be3fc0ffe6be7d9a5f9cc297ee642
29be1843ad37411fa7e046084a2b5d2bf7b400687e78ae22002058353f94a988
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1232925018ef5cf84f48bf7bf44eb80ac16f805843d1f317b448fafd44a590
33ba8700fdd425748533bf1ee4ccd89d4012dfebcd7b61d54f87d0d0e952b8b6
35fc6c273c50b1cda7f83e05b774a5d47e5ef0c0bc351e1106f4d1d2f8aaab65
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3d0a595946fddcccff1e9806fbc6688588260088f4b4728b33f77a0105543604
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40dbc40e9e081340260614465a04420f5ba88bb97a319f53887b3030a7c3b0ec
42724505e73d98d4ce6477eab93dfa7bd63a28d1092fcb0a9aa76e0975ca1549
439c5e35c4416eab3a146aef5df911fa424dd621ce7a974a4a5d034a53c35502
43ca939e960e36056c40ffe0a972fa2e6de8f117cf1c433e71cdb62b502dc74f
4904699a83e4dba82f725d6861c9cd7828ee4ae6e93d1b91659a500e3652a9e4
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a6fdbb924528e90f917ed7e9d608acd4d7fd3a66432c1782e3c03d25a6fefe0
4a9650564960002c3a6b463e0c895f6faa3c65690a9870ea8cfa8c3811a6b2ee
4d209421876317a175cdb5e79cc5add2a7f2b6cce6fc49071bab1b34d12bed83
4dc32a72d6229fb81150f0be86ac3a670ec40164c36b112fef74386ddc076b29
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52cfdc36476dee8eadb14dc8f5cb887986eddbf6cc69d79384037bf3adb1e5aa
53a0a9d32817f8befa7b26ae9e17761984c306e56d74ad1588e34f73cc168ede
5556f915206475bf4518ce92609d4cc67ee5832aaab5251be2d72e44b039db03
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5650dee2a26af48e569504f59015f9f9771bc00b47f82252c9d3fa0ebb0cabb3
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59d43c1c4cb995a418871f057e4cdbb8fee0979377ed27c674356170b0434307
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c7f25f7f186c3f8391555e960010c19d2837295e0a8ada5c481aad3f3cc12c8
5ca5d609f7052e219cc38b473f04df801fb18a3d60121c0ba2ead898e03e2cac
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6383d551012d6308419f27d768cb52794faff8ba73da309e00c579e161064784
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
680be2a968430c7b49bf374c2f8eb095b2fa90697ceeb5c6b806d3b2d3c61dbe
6922c20b5d19b0f46d7688e7df946fbfdb14b22c9b33783f7f14bad5738f82c3
6947abb443cf576e2c7f8e8398e725859968a3c398baee01c4a5903deffe35e0
697e83f0eeb5b923627192244d4abfbfebafef8e999996d2eb5ab39a32387d82
6cd69acee0583161d938de5d4483723232058798645f84d25b5abb2bb26d2daa
6e1faada6818ab9b8f072a0d42e2d658a344a420fa8a5e93d9949852cc4e6796
6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a
6f99c3b46e3e9c4a0b83bff85ab15facf6d8fa7cb43632934195ffbe59c34bb6
7015bdc2944a0491176d948597ac45faa4a86cb701140b704c94d969e830ac8e
70c2c548be1c6c2cc8bd40d0f4e8cfe8e819ab36305fe4af5edb3f5b764010db
7150e45cb7c203a9f1dc422e06ae90968e0fdc0f5994b3ec2c2616cc82e61309
721059d676a3946b8b3ee73aa2f3740a1c9fba1d803306d731a561cf38682862
723154b6d9a69d1b9189c689ad63b143a8f10f181178837e375458bd402553d0
7297b79170bb0b71d01696205cafc661bb21045047f0becc3d88fc34ef0e4dd0
74a3508f8bc59785d5c21df0b949d3cfdb233bbcc8a06675dd2edacf41ead55b
78d243988f1bf9d3b8a31b27771a9b737e1f47af4759b104ad4b006a40b0b5d5
79b26cf244d276d1ec0cf629e08a400ac21944ecfe64ce53acedeab749a49779
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838176ebbcc753b774542598e977090f88bcd10b92c6c7f095f1637f94cb436f
83c1557c34311ed7a1ee2b470dfc813264effb811c2acfbc9609851a406bc178
83c50640e16f517ff7506392668244e4c2a61620647aeea28059c963d6ee7cdf
83eb0b5622b7769d24bbe8293c1429913d0910add83fec0afc3246bb9b555bfd
8402c7dfbfabc5ff83157a8213d123aa110ffe664ba7b611e5e0e4e0d7ac29d1
842ed7562f48ce5eaacd438fb4cec57ea5e6370e28ad9a4301fbbb0e44da82b0
84a343c2906d2596e84833484bb2ebb5fca2d316e0225cac509e308309cc0629
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
86b339e8990bd3a2d98bb8422cc411cb403ad9c475a11226d13dfdfe1715a5e1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc55ead004ccdbeb6ac4034b5f6cd1a5a4d0080554dd72d83b782a05db86d7f
8d5e250247ab0f0e22363bac3ebb1a58a6326907d1bc7ff0827b209e2835b4fa
8effdecce03465ad3d21afaeb678625930e4e3f46de1064a2e7e2d591218e2fd
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
943c6c9be4926bc5093403bfbd5cecaeaab1fb2d03cf0eee7c1057ad8d0e986a
9531c1860f9528363506ae3032706f779ea78c13b93b26d6969a6a229ae1f476
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9823ec78beb17ead662970b3dc8a7de50b09645837a2b1d4839c36d391e4205b
982ae60b1cdd83a93411a7579913519405a3831aad1a10af11870c595787b5a4
99941c10322e74066a3582340c581fc18bc4e9c1be98c46fcad7b457b687b251
99d598ff0575c90b84b191ef61b2115064ca6d88495e90ceb61f2bd26cd6382e
9c15714a07f4cb1346249a2746adcda0b565705048fd85777c0a0f1ccd436ca3
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
a0b241e049e3e3e78b4d7a308617316b6da482d47ef9ce69d0b33a7f675470b4
a32f632e15f9529126d9c1c019e6be5c162c94025e51bdf55ef5f30d0207ebdd
a40cdfcc8358c05e855e0514253b8e2b0795150b028e026dfd6e82bf451e74c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b45caa4de140d269aa1da054ed80cd3f2b7dc2e8c172d263fb556ea315979f
a7288e0534ffa84e78b2d64da5c162faad3f8d4e295c03294180375bb04d5b24
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dcc07d397d0bf3aa1a918b78217d7ec794a40d776abd2286a77864d23c8f41
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b3f1408c57b4de7184ed1b90f6dbc0a24ec7759b68eceee9f7184856b6b2eb83
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b76f7cd9fe750fc73e726eb1b46dc55ea436bc15b7116efe9b47b2d1b8b53edc
bb3d71f04aa28366e14b98f0b79db2f92f5aca24d4fbeab9da1b92c51e9ef9ad
bc498892c93765049dda7d4062a4efc6c84f35d757c88a04aba58dbb3cfde4ca
bd1e9d4fcd73b242f4f503a95bef3fe7d18cf0349a57db1b096677e6f9771f00
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c3869c8390e98c318a0f86bbb9dbf5949bb3ab162eb7eec743051433c427d8e1
c3c72284b6c8eac32df87566950180e1725f16c3b4941a606c64d7a8068b8073
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cbd5799460f8a20362193611b70868c9045cd83e8f69dc844d7c6249961622be
cd909fa1f7d10f7530694228f7184e5c3a1e205c403409c31840938fbfb124f1
ce0ead743a7b7d26db0b3f9fee522d34459fd36e4d1d39bc50bb298cc63087d0
d16903ae8f462570d2f0692d83a60e85e05ce1c3cb33dc0f83f20f3b541e641b
d27832675aff3a40e7579dacdd7ce3e347c0179168abf6fc0cb8d0d99864c9d4
d4a14f6194b873be7dbea5acb594401ac53cf9a19c6404d6358d44f37c35f34a
d524bb52c9c0184810b79cabad5acfcf380211b7beec5145755951d88f1630d5
d85d4624dcb4c496e51b3cf5566271c52396d900c7320084e80d1af92e2d769e
dac72fd9bd2655ca867a509ee6bbae94287170c63d1a1dcef19961addf5914a6
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
ddec59b3ae18044440ae3d866b6d8e2434b1bc66ecac571c7d10c6a2c97612c6
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e092a4162772b3d96b51b47055634661753e7d621aa8b055208abb9a55194fe3
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ced42b12e2f7f73aef5499589fedaa109888f9f9cb823bc2aaa2be1a9e989c
e16983fcba4ee5f1e5a48ca3a2e051ff34ad2f59d788a155de4b5919d252bb85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6aa8f830f4c7c5cea8625d97ec22a2bad9bcea915c87582ef5e9dec5583e623
e7d0101029811eb24a54fb6df18465c8215197611e6fba81863f7b44657340d7
e907aa8982cc6fa6303938b9b89bd447afe611a1169d030479c8ac6114d49ee5
e9292f1d224e23eb1cbfd66f8284ae33fcf8c17611f1a08547c52c967f81b4d7
e9c625b1b0cb2e5823ea5f4c19a596edc2f824acc6fc7205ef543c468420129c
ec5c464bd850932a1b731068acb4c5d9d113a4cc4cd294df4d700885b7455f16
ed4ea613399bc877dd667a01dd754a4df5ce1d9ae76666c238ca918d88e2b39a
ee4fe1734192176c6a69a45980a54d10b4a2f98449a6d9badb250eac0614b974
ef04ebd34f9d837413d0e44f7d8d778bf95a76119dfa0cd85d646306c531d430
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53892f8009f2ecd75d403c2c6f3c3e04321dda0c7ce8cc450403def69e7d98
f057f2b214c11c8d2a64b492d7060d588c04bd0d2e5a579d5b0081943cfcf924
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f433122da8de4f7e86aaa0422f1a1a782729938a6cf58632a1f591178b5b91f8
f54dd45bea4857cf125bc57cbbcbe76bd57ec00568de465f90813b989e210a13
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f5f88babf28610d0b32539c16346222ca92fa5432b898b89cedb40830f081c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7d7846499d76c27334262e28d19530c1eb0953fecc846396d5327c06aa9aa5d
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
f91b9bad5439bf39ae22c14749bf629274ede96f94271a54552eb226ac164e2b
fa9adaf81eb092f6caa8e2d0e736d9ed1933f669388d163bc8ef6b874aa02572
fab4240da0e386d8f02ea8601ea511ec68f6a053829c71783ad3914a83d1a099
fb77d406a7ee61fd886c23743f7864d731d8465887f649c4d9981f3ca0221ee3
fd998b5850949085d1b4a6b7bee50529388c2552bd1482ba96fd5040bcd28869
fdc49198e7af8b2d539ac8d21397afba7a6a27667e4feab8b26614a24190c59a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fefd57fd837f56de0635ae1097cb9a20ec9db72890fa9c52b8ac7f643aae9a19