gloss.ua Open in urlscan Pro
13.32.25.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3uFQG7A
Effective URL:
https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Submission: On May 20 via api (May 20th 2021, 12:01:10 pm UTC) from PL

Summary HTTP 330 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 54 IPs in 12 countries across 56 domains to perform 330 HTTP transactions. The main IP is 13.32.25.85, located in United States and belongs to AMAZON-02, US. The main domain is gloss.ua.
TLS certificate: Issued by Amazon on September 14th 2020. Valid for: a year.

This is the only time gloss.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 3	91.198.36.35 91.198.36.35	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
23	13.32.25.85 13.32.25.85	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	91.198.36.26 91.198.36.26	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
20	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
13	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 14	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 11	146.0.227.107 146.0.227.107	20773 (GODADDY) (GODADDY)
2 7	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
2	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
3	52.19.6.23 52.19.6.23	16509 (AMAZON-02) (AMAZON-02)
3	183.110.238.136 183.110.238.136	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
2 2	195.209.108.39 195.209.108.39	52007 (ADRIVER-AS) (ADRIVER-AS)
8 14	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 7	212.8.250.83 212.8.250.83	49981 (WORLDSTREAM) (WORLDSTREAM)
12	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
35	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
9	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2 4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5 6	52.58.45.227 52.58.45.227	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	190.2.153.150 190.2.153.150	49981 (WORLDSTREAM) (WORLDSTREAM)
2 2	185.180.223.221 185.180.223.221	49981 (WORLDSTREAM) (WORLDSTREAM)
1 1	212.8.250.228 212.8.250.228	49981 (WORLDSTREAM) (WORLDSTREAM)
18	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
14	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	143.204.202.85 143.204.202.85	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	35.168.104.13 35.168.104.13	14618 (AMAZON-AES) (AMAZON-AES)
2 5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 1	184.24.15.122 184.24.15.122	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.124.27.129 3.124.27.129	16509 (AMAZON-02) (AMAZON-02)
2	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	52.206.107.130 52.206.107.130	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	18.195.194.125 18.195.194.125	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	23.20.15.211 23.20.15.211	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	217.182.200.19 217.182.200.19	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
330	54

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.198.36.35 (Ukraine) 1 redirects

ASN43405 (DIGITAL-VENTURES, UA)

h.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 13.32.25.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-85.fra56.r.cloudfront.net

gloss.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua

i.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-native.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 146.0.227.107 (Ascension Island) 4 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

ww251.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.6.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

idsync.admixer.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.39 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.8.250.83 (Rotterdam, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.45.227 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 190.2.153.150 (Naaldwijk, Netherlands) 2 redirects

ASN49981 (WORLDSTREAM, NL)

ad.mediawayss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.180.223.221 (Groningen, Netherlands) 2 redirects

ASN49981 (WORLDSTREAM, NL)

ad.outstream.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.adopx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.8.250.228 (Rotterdam, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ad.invamia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

656122af7ddd3087d54786e8c57dd02a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.202.85 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-85.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.168.104.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.15.122 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-15-122.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.27.129 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.107.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.194.125 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.15.211 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.19 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm5.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com 656122af7ddd3087d54786e8c57dd02a.safeframe.googlesyndication.com tpc.googlesyndication.com	620 KB
34	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com video-native.mgid.com cm.mgid.com s-img.mgid.com	486 KB
32	doubleclick.net 8 redirects stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net	234 KB
32	admixer.net 4 redirects cdn.admixer.net inv-nets.admixer.net inv-nets-eu.admixer.net	207 KB
23	gstatic.com fonts.gstatic.com www.gstatic.com	348 KB
23	gloss.ua gloss.ua	244 KB
15	facebook.com 2 redirects graph.facebook.com www.facebook.com	198 KB
14	googleapis.com fonts.googleapis.com imasdk.googleapis.com	1 MB
13	google.com 2 redirects adservice.google.com www.google.com	2 KB
11	fbcdn.net scontent.xx.fbcdn.net static.xx.fbcdn.net	569 KB
8	aniview.com player.aniview.com track1.aniview.com go1.aniview.com	107 KB
8	mox.tv 1 redirects ad.mox.tv bgstats.mox.tv	68 KB
7	creativecdn.com 2 redirects prebid-eu.creativecdn.com creativecdn.com	2 KB
6	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	2mdn.net s0.2mdn.net	82 KB
5	ampproject.org cdn.ampproject.org	108 KB
5	googletagservices.com www.googletagservices.com	148 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	unpkg.com 2 redirects unpkg.com	40 KB
4	trafmag.com m.trafmag.com	1 KB
4	holder.com.ua 1 redirects h.holder.com.ua i.holder.com.ua	7 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google.de adservice.google.de	1 KB
3	admixer.co.kr idsync.admixer.co.kr	3 KB
3	ismatlab.com ismatlab.com	445 B
3	onetag-sys.com onetag-sys.com	2 KB
3	smartadserver.com ww251.smartadserver.com prg.smartadserver.com	948 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com	889 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	754 B
2	lentainform.com cm.lentainform.com servicer.lentainform.com	781 B
2	360yield.com 1 redirects ad.360yield.com	846 B
2	googleadservices.com partner.googleadservices.com	617 B
2	quantserve.com 1 redirects pixel.quantserve.com	784 B
2	bemobile.ua source.mmi.bemobile.ua	24 KB
2	adriver.ru 2 redirects ad.adriver.ru	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	973 B
2	facebook.net connect.facebook.net	66 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	agkn.com 1 redirects d.agkn.com	759 B
1	idealmedia.io cm.idealmedia.io	448 B
1	vidver.to ad.vidver.to	431 B
1	vidverto.io 1 redirects ad.vidverto.io	496 B
1	invamia.com 1 redirects ad.invamia.com	511 B
1	adopx.net 1 redirects ad.adopx.net	527 B
1	outstream.today 1 redirects ad.outstream.today	541 B
1	mediawayss.com 1 redirects ad.mediawayss.com	562 B
1	mathtag.com 1 redirects sync.mathtag.com	690 B
1	adtarget.com.tr s.console.adtarget.com.tr
1	pinterest.com api.pinterest.com	356 B
1	gemius.pl gaua.hit.gemius.pl Failed googlecm.hit.gemius.pl	337 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	bit.ly 1 redirects bit.ly	279 B
0	tns-ua.com Failed pa.tns-ua.com Failed
330	56

	Domain	Requested by
34	pagead2.googlesyndication.com	cdn.admixer.net pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com srcdoc
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com gloss.ua googleads.g.doubleclick.net cdn.ampproject.org
23	gloss.ua	gloss.ua
22	fonts.gstatic.com	gloss.ua fonts.googleapis.com
14	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
14	www.facebook.com	2 redirects connect.facebook.net www.facebook.com
12	inv-nets-eu.admixer.net
11	video-native.mgid.com	jsc.mgid.com video-native.mgid.com
11	inv-nets.admixer.net	4 redirects cdn.admixer.net
10	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
9	cdn.admixer.net	gloss.ua cdn.admixer.net
8	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	s-img.mgid.com	jsc.mgid.com
7	ad.mox.tv	1 redirects gloss.ua ad.mox.tv
6	cm.mgid.com	jsc.mgid.com
6	x.bidswitch.net	5 redirects
5	pubads.g.doubleclick.net	imasdk.googleapis.com
5	s0.2mdn.net	imasdk.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	track1.aniview.com	player.aniview.com
5	www.googletagservices.com	ad.mox.tv pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.googleapis.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
4	cdn.mgid.com	jsc.mgid.com
4	c.mgid.com	jsc.mgid.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net gloss.ua
4	unpkg.com	2 redirects
4	m.trafmag.com
4	prebid-eu.creativecdn.com	cdn.admixer.net
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	idsync.admixer.co.kr
3	creativecdn.com	2 redirects
3	ismatlab.com
3	onetag-sys.com	inv-nets.admixer.net
3	h.holder.com.ua	1 redirects i.holder.com.ua
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	ad.360yield.com	1 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	player.aniview.com	jsc.mgid.com player.aniview.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	pixel.quantserve.com	1 redirects
2	source.mmi.bemobile.ua	h.holder.com.ua source.mmi.bemobile.ua
2	ad.adriver.ru	2 redirects
2	ads.betweendigital.com	2 redirects
2	prg.smartadserver.com	cdn.admixer.net
2	scontent.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	gloss.ua connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	servicer.lentainform.com	player.aniview.com
1	googlecm.hit.gemius.pl	1 redirects
1	d.agkn.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	go1.aniview.com	player.aniview.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	cm.idealmedia.io
1	cm.lentainform.com
1	secure-assets.rubiconproject.com	1 redirects
1	656122af7ddd3087d54786e8c57dd02a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	servicer.mgid.com	jsc.mgid.com
1	ad.vidver.to
1	ad.vidverto.io	1 redirects
1	ad.invamia.com	1 redirects
1	ad.adopx.net	1 redirects
1	ad.outstream.today	1 redirects
1	ad.mediawayss.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bgstats.mox.tv
1	jsc.mgid.com	h.holder.com.ua
1	s.console.adtarget.com.tr
1	ww251.smartadserver.com	cdn.admixer.net
1	api.pinterest.com	gloss.ua
1	graph.facebook.com	gloss.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	i.holder.com.ua	gloss.ua
1	www.googletagmanager.com	gloss.ua
1	bit.ly	1 redirects
0	pa.tns-ua.com Failed	source.mmi.bemobile.ua
0	gaua.hit.gemius.pl Failed	gloss.ua
330	85

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
t.me
rollton.promo
youtu.be
widgets.mgid.com
www.mgid.com
herbeauty.co

Subject Issuer	Validity	Valid
gloss.ua Amazon	`2020-09-14` - `2021-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
holder.com.ua R3	`2021-04-18` - `2021-07-17`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-21`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
ismatlab.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-11` - `2022-05-11`	a year	crt.sh
*.admixer.co.kr GeoTrust RSA CA 2018	`2021-04-05` - `2022-05-06`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
ad.mox.tv R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
bgstats.mox.tv R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
ad.vidver.to R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2020-09-13` - `2021-10-15`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 40 frames:

Primary Page: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Frame ID: 3E787F4C67898E6771CC9EF3A37EE081
Requests: 160 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: EA5796E7F50AF3AE0C0CF39EF5F583B0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width
Frame ID: 256E1D0B24AC1C0192475C5596A38FF8
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
Frame ID: 8CC4F68C2FBA8D59AAC71EB9D37E29DC
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 1DD5A188D808A077D304F810590F0A33
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 949CB06D0AEAC4123F8368E14AE18FF2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 3B41C68673EA6D397748BCD260B2DCF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A96D16A8734CF6661B369FA08DE6CC29
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 58F02FD3B46DBA300A82C3025CC19977
Requests: 9 HTTP requests in this frame

Frame: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Frame ID: 33C20FE597509090856515246AA18DE4
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: C07464BBA1F8862CFA68B53D6D88B44B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239
Frame ID: C8C8D64889116D6118A8CEB5B427E5BB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=3279755405&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054103&bpp=1&bdt=238&idt=228&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=2036352084&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15&biw=1600&bih=1200&isw=728&ish=90&ifk=495514336&scr_x=0&scr_y=0&oid=3&pvsid=1667487972369955&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17nqjfkdxqx4&fsb=1&dtd=236
Frame ID: 4A244F819D59DF965761D068E8900E45
Requests: 16 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1621512054485708033165
Frame ID: 96DBC31DCF05504158702DC8E6494248
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4BB471D28CEC64B0186985A4F7941D45
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DCBBAF7B3404662D8A9A517740C10EBC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 006C638A42EA52A5DFEC4BE94D02977C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 12987BD1D6ED6C278433C9374EE5D435
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: A02353CB06535B4B87B3E4893A04E7FB
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: 79D78A4873AAFE80E34D6BF77F0DD0DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B737C38122551231CABC88DD5C5872D9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: 0F58947F58C5AC3AE46A6D22D43D9785
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9E3A0AD1ABD4FE9DA9B818344ED261C6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DB4D4F6537EEC9C1B82524E6CC9A0607
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Frame ID: 771DD3841375FFF6B1F465EFAC8F7672
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 2DE95CD11609CBCD3644270F0F74BC91
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FD394AA2E83A2C1C262D1C02FE7BD29A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 42F1A7A29F2BDE4D62AF114E308341EB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B2AAEE43FCA0B4A7184842E422F9491E
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 96EF254E3BC01863A6F064969212438E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html
Frame ID: 91BF7B0A7552D807FF7C4964D9831566
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html
Frame ID: 05B3A79CC8F138C315F6A22274C75DC4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html
Frame ID: 101812430BE13C56E8CB6F0A251C70F2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html
Frame ID: F80582D8293B59A2F897F73E85FB5608
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html
Frame ID: E174CB92E2357C7F73CD6CCD506147D6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ED81ED9EC42D3ACC11EFC78848F8BCC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D11D7B07E03E92494EE155E9AF884F48
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0D02E030BE2F5D13B1D06F10877D097C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1ADB1C3C859538996CCC9001E9614EF1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DF6D51503A46819EE23CA66B634D92DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3uFQG7A HTTP 301
http://h.holder.com.ua/c?tz&z1585&b157927&s03908&r[rndID]&u HTTP 302
https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-a... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

330
Requests

99 %
HTTPS

34 %
IPv6

56
Domains

85
Subdomains

54
IPs

12
Countries

5146 kB
Transfer

14575 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gloss.ua

Search URL Search Domain Scan URL

URL: https://twitter.com/glossua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gloss_ua/

Search URL Search Domain Scan URL

URL: https://t.me/glossua

Search URL Search Domain Scan URL

URL: https://rollton.promo/
Title: https://rollton.promo.

Search URL Search Domain Scan URL

URL: https://youtu.be/XMSSIbgQb_w
Title: трансляції на сторінці

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rollton.ukraine/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=gloss.ua&utm_medium=referral&utm_campaign=widgets&utm_content=720031
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/foodtravel/quick-recipes-you-should-try-in-2021/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/how-to-fix-your-sleep-schedule-10-tips/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3uFQG7A HTTP 301
http://h.holder.com.ua/c?tz&z1585&b157927&s03908&r[rndID]&u HTTP 302
https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.facebook.com/v2.12/plugins/comments.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width

Request Chain 80

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 82

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4c7191b3-e9ef-528c-b623-5922d6851657

Request Chain 84

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-6398147516 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=A0PRD-u5mHsdSidrn-JOibw

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEDDtmBRmnmnJ5sN7fqv0FyY&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmRmZWM2MjA5MDIzNDIyOWJmMTdiMzA5ODc4MmFjMzM=&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmRmZWM2MjA5MDIzNDIyOWJmMTdiMzA5ODc4MmFjMzM=&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEJ-kBshzH2iLG6K8uuBdT3g&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YTM5MjNkMWZjZjkwNDY2OGE1ZDg1ZTI5M2EwMzE1MDM=&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YTM5MjNkMWZjZjkwNDY2OGE1ZDg1ZTI5M2EwMzE1MDM=&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELvWtOF_av1mzv4td-yWlXc&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZWJiM2QzYzEzYTIzNDBiMWE2NWNkM2FhZDE5YTc3MGE=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEB4kvBVVsT5Y3QQbJsk7Oh4&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

Request Chain 120

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@6.6.2/swiper-bundle.min.css

Request Chain 124

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

Request Chain 128

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=ce738940-be5b-48a0-afe8-1d52cfa49d9a&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=ce738940-be5b-48a0-afe8-1d52cfa49d9a&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D67efa17d-486d-4e37-b217-58b4f8e223fd&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=131f60a6-4f76-4500-95f1-9e46b25dac4f&expires=30&ssp=prodoohmox&bsw_param=67efa17d-486d-4e37-b217-58b4f8e223fd&gdpr=0&gdpr_consent= HTTP 302
https://ad.mox.tv/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd HTTP 302
https://ad.mediawayss.com/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
https://ad.outstream.today/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
https://ad.adopx.net/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.invamia.com/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.vidverto.io/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
https://ad.vidver.to/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=

Request Chain 201

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1621512054852&ns_c=UTF-8&cv=3.5&c8=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%87%D1%87%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%B4%D0%B0%D1%80%D1%83%D1%94%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D1%96%D0%BB%D1%96&c7=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1621512054852&ns_c=UTF-8&cv=3.5&c8=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%87%D1%87%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%B4%D0%B0%D1%80%D1%83%D1%94%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D1%96%D0%BB%D1%96&c7=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&c9=

Request Chain 202

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 203

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=gZQYdoPCTnaakExxgpVUeNPGGnWalEoig5Y5iSfD

Request Chain 204

https://x.bidswitch.net/sync?dsp_id=303&user_id=l4kSDEu0_b05 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=67efa17d-486d-4e37-b217-58b4f8e223fd HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=67efa17d-486d-4e37-b217-58b4f8e223fd

Request Chain 207

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=75a61982-8730-4f9d-8d82-57cef1500d0f

Request Chain 208

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=3065fb0d-a4cf-4e41-a16a-2555d36a1b40&ttl=1624104055

Request Chain 209

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=oYeiAk58fVqnWx7RvB07&pi=mgid

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDRrU0RFdTBfYjA1&muidn=l4kSDEu0_b05 HTTP 302
https://cm.mgid.com/google?muidn=l4kSDEu0_b05&google_ula={guid},5&google_gid=CAESEGvJDO41pNQOh-kDmP5YlEQ&google_cver=1

Request Chain 245

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 269

https://d.agkn.com/pixel/2175/?google_gid=CAESEESh4ad2_rOHNGkBT5o8kGQ&google_cver=1&google_push=AQvitUJtBL5fbX73RLCV_QTES0VLbBEuET7b8_Gr5vY8sY13zGGcqLExdYS13Jw0akawSbKHXyLX0j6KWwb9obzVp4iYblgsK7-d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJtBL5fbX73RLCV_QTES0VLbBEuET7b8_Gr5vY8sY13zGGcqLExdYS13Jw0akawSbKHXyLX0j6KWwb9obzVp4iYblgsK7-d&google_hm=Q0FFU0VFU2g0YWQyX3JPSE5Ha0JUNW84a0dR

Request Chain 270

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIGY0TisFsC7ZeJc5InOyRZa6g-GgybVyeARmQ-jKMARBIWi5hWdpoyHqBNjYvr_TRJ53j5XiU5XtYW39IfwKvEwATEFxUr&google_gid=CAESECjKNCTw6qXif6Y5xjNpuX8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPeemYUGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJR1kwVGlzRnNDN1plSmM1SW5PeVJaYTZnLUdneWJWeWVBUm1RLWpLTUFSQklXaTVoV2Rwb3lIcUJOall2cl9UUko1M2o1WGlVNVh0WVczOUlmd0t2RXdBVEVGeFVy HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbHV0QmN4bFlTWmlEZWdmdGxFdlhrSkpWbTVEVkp6dmFBQkVCZ2JzRFpDWQ==&google_push

Request Chain 271

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJRAo1kq4r7QAwJxufeL6Fp95jeUYSolfu8IVVYU0eHA-QM9g9L_FJhYN_mW16ECISalHSZdrOjDpPeOekadPcR7uS_5FU&google_gid=CAESEGD2_wTF_U4V-yrodiRuvvg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJRAo1kq4r7QAwJxufeL6Fp95jeUYSolfu8IVVYU0eHA-QM9g9L_FJhYN_mW16ECISalHSZdrOjDpPeOekadPcR7uS_5FU&google_gid=CAESEGD2_wTF_U4V-yrodiRuvvg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MjAxMjAwNTYyNjQ4MjUxOTI5MzE5OA%3D%3D&google_push=AQvitUJRAo1kq4r7QAwJxufeL6Fp95jeUYSolfu8IVVYU0eHA-QM9g9L_FJhYN_mW16ECISalHSZdrOjDpPeOekadPcR7uS_5FU

Request Chain 272

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPW_I53q-y4eKPR0A78MQOU&google_cver=1&google_push=AQvitUK4tO-XOj0BBUPUwdFtZPkT6jtS4nPnzNGt3r1QLCbOrGv7p4hGhD7T5PkNNtnqTkmC784-6YDhUUpsXUbALfPC6qSxOvUI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPW_I53q-y4eKPR0A78MQOU&google_cver=1&google_push=AQvitUK4tO-XOj0BBUPUwdFtZPkT6jtS4nPnzNGt3r1QLCbOrGv7p4hGhD7T5PkNNtnqTkmC784-6YDhUUpsXUbALfPC6qSxOvUI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UoFkgbz9S1CpV1t7ELbiAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4tO-XOj0BBUPUwdFtZPkT6jtS4nPnzNGt3r1QLCbOrGv7p4hGhD7T5PkNNtnqTkmC784-6YDhUUpsXUbALfPC6qSxOvUI

Request Chain 273

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc=

Request Chain 274

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGStQ40b0PZyomB21-UVlGM&google_cver=1&google_push=AQvitUI6R4dqYuU1MB9sqQgIbR0_scqnTOHzWAe1hTMv77yLOuBI_hlaLqx3Gmn0-zCyQlP_HI24YzlFS18o3XWsChvaH-zl4lCAsQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUI6R4dqYuU1MB9sqQgIbR0_scqnTOHzWAe1hTMv77yLOuBI_hlaLqx3Gmn0-zCyQlP_HI24YzlFS18o3XWsChvaH-zl4lCAsQ&google_hm=

330 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili Show response
gloss.ua/press-release/
Redirect Chain

https://bit.ly/3uFQG7A
http://h.holder.com.ua/c?tz&z1585&b157927&s03908&r[rndID]&u
https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

70 KB
14 KB

31ms
10ms

Document
text/html

13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 3af9d4558886b1fcba80130a959f2bb9a84ba93c34e5ca4ea5320569b3589c20

Request headers

:method: GET
:authority: gloss.ua
:scheme: https
:path: /press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
server: nginx/1.15.9
date: Thu, 20 May 2021 12:00:19 GMT
set-cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; expires=Wed, 11-Aug-2021 20:00:19 GMT; Max-Age=7200000; path=/; domain=.gloss.ua
create-date: Thu, 20 May 2021 15:00:19 +0300
last-modified: Thu, 20 May 2021 15:00:19 +0300
cache-control: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: DAjECNY5vVJEmR7G0_TOnJv-9u1K6XESuhkce060MPPIe1tHwd21xw==
age: 33

Redirect headers

Content-Length: 0
Location: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Connection: Keep-Alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8513368-1

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

097ee19b938231fab94fa26d6b8495456103f37e5bb10dffa2feab3b765e3a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35728
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:52 GMT

GET
H2 200 bootstrap.min.css
gloss.ua/user/css/ 18 KB
5 KB 10ms
9ms Stylesheet
text/css 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/css/bootstrap.min.css
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 5f5f83a4da072c2792664a2ab4f343661046ec613e1dbbe32516fdbb882e5c69

Request headers

:path: /user/css/bootstrap.min.css
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 10:52:30 GMT
server: nginx/1.15.9
age: 32
etag: W/"604b47ee-4820"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 8NPTGYO2Vy_39bCpZhlK8Gbud-GG4IVwbR3VarmtXPOpzRwse59bjw==

GET
H/1.1 200
OK holder.js Show response
i.holder.com.ua/t/ 9 KB
4 KB 98ms
32ms Script
application/x-javascript 91.198.36.26
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.holder.com.ua/t/holder.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: i1.i.ua
Software: nginx /
Resource Hash: 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 14:14:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Fri, 20 May 2022 12:00:52 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
29 KB 24ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8e803df870509df5596e431097ee1fffed78481509f955db288e3f3cd47b16e8

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:50 GMT
server: nginx
etag: W/"609a8fb6-15695"
x-cached-since: 2021-05-20T11:53:02+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
expires: Tue, 11 May 2021 14:22:34 GMT

GET
H2 200 logo-white.svg
gloss.ua/user/img/ 11 KB
5 KB 14ms
12ms Image
image/svg+xml 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/user/img/logo-white.svg
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 19ddf935291977d820707b78804f6b095666d6b1cfbf00e1c34cb9401a3ffd68

Request headers

:path: /user/img/logo-white.svg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.15.9
age: 32
etag: W/"5fb24c31-2c5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: eKNFWNvpcvMxjPkt0OtOXivn_CpqZBfMdp3eLwbHePR6gT8X_v8adQ==

GET
H2 200 magnifying-glass.svg
gloss.ua/user/img/icons/ 1 KB
995 B 12ms
9ms Image
image/svg+xml 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/user/img/icons/magnifying-glass.svg
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: c7de406c380759d8592bfed3409fe64c6211d85d4433b23e0dccc67bd7738520

Request headers

:path: /user/img/icons/magnifying-glass.svg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 09:02:46 GMT
server: nginx/1.15.9
age: 32
etag: W/"5fc9fb36-51d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: KOazuDRJSRSu4M3jajaIq_wda1XvEl015h-dA4soGTXtyKuQb098nA==

GET
H2 200 63_middle-v1620998351.jpg
gloss.ua/img/article/1340/ 63 KB
63 KB 12ms
10ms Image
image/jpeg 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/img/article/1340/63_middle-v1620998351.jpg
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: f270ab381a608a9ad732353e8b147ca8299826c454f0f57042075288797a2fce

Request headers

:path: /img/article/1340/63_middle-v1620998351.jpg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 13:19:11 GMT
server: nginx/1.15.9
age: 32
etag: "609e78cf-fbde"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 64478
x-amz-cf-id: BL5doJ3KT7wS1yCmK66iXJqMIsFsC6xHJgXoRKGbKaM_LgSy5dt_tg==
expires: Sat, 19 Jun 2021 12:00:20 GMT

GET
H2 200 63_tn-v1620998351.jpg
gloss.ua/img/article/1340/ 22 KB
22 KB 18ms
16ms Image
image/jpeg 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/img/article/1340/63_tn-v1620998351.jpg
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 4b72580c1be0027bd5e4838f133d64b941c2bd5088b8403d9315619ca88235a3

Request headers

:path: /img/article/1340/63_tn-v1620998351.jpg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 13:19:11 GMT
server: nginx/1.15.9
age: 32
etag: "609e78cf-560a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 22026
x-amz-cf-id: KkRFD0JlCiKRsiW_D7DdAYtOwzLeOjBwg9IGq6KQ_9XwvWUUjVbZsw==
expires: Sat, 19 Jun 2021 12:00:20 GMT

GET
H2 200 21_mplette-v1621503679.jpg
gloss.ua/img/article/1342/ 68 KB
68 KB 20ms
18ms Image
image/jpeg 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/img/article/1342/21_mplette-v1621503679.jpg
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: e6a7e94a53b549bb9fc58598be2b2e4869b56276066dd87baa5a8a922e233c05

Request headers

:path: /img/article/1342/21_mplette-v1621503679.jpg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 09:41:19 GMT
server: nginx/1.15.9
age: 32
etag: "60a62ebf-10fe2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 69602
x-amz-cf-id: AGPTM4ZVGMvfd6jeWo55PBV9nRIGnd42oE3DhKBTzmpsi18PEt0v2Q==
expires: Sat, 19 Jun 2021 12:00:20 GMT

GET
H2 200 styles_news.css
gloss.ua/user/css/ 33 KB
5 KB 44ms
41ms Stylesheet
text/css 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/css/styles_news.css
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 8e66db5c8a3ff67fe0539cb1d3ed50afda03e15bce9d2aff89d4638e5fc99579

Request headers

:path: /user/css/styles_news.css
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 14:52:56 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5fd0e4c8-8304"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-id: QOlzYhGaGxYEwcpp5knVdOB_FkqOkS_73rGMAzSZSAFMPI4heGwcPA==

GET
H2 200 fixed-v6.css
gloss.ua/user/css/ 8 KB
2 KB 45ms
42ms Stylesheet
text/css 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/css/fixed-v6.css
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 800a7742a7f1f991e8cd55e5311f1cdd2af5387205c238749bbcd08d63f11df7

Request headers

:path: /user/css/fixed-v6.css
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 09:34:18 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"60507b9a-214f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-id: RZ1w5vPPwozGaHsS_Q_5f8_zHQsW1SgWAc9epVvbDgsbPTxJ0ebKKQ==

GET
H2 200 sunsite-front.js Show response
gloss.ua/user/js/ 33 KB
9 KB 25ms
23ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/sunsite-front.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 94664f46dfa22d5d14660145127c613d77094205f6711c9caaa6ef26df170c2c

Request headers

:path: /user/js/sunsite-front.js
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:20 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 14:07:02 GMT
server: nginx/1.15.9
age: 32
etag: W/"5fd22b86-83d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: JwLXHX9T6VEXa2N83OjaUQaM6zhXgDrui0bMFQqG6S0OAClVpptb1w==
expires: Sat, 19 Jun 2021 12:00:20 GMT

GET xgemius.js
gaua.hit.gemius.pl/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8513368-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1856
date: Thu, 20 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 20 May 2021 13:29:56 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1777598898&t=pageview&_s=1&dl=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ul=en-us&de=UTF-8&dt=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%87%D1%87%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%B4%D0%B0%D1%80%D1%83%D1%94%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D1%96%D0%BB%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1782468842&gjid=328828961&cid=1278708326.1621512052&tid=UA-8513368-1&_gid=2091690816.1621512052&_r=1&gtm=2ou5c1&z=1252580850

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gloss.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
80 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-8513368-1&cid=1278708326.1621512052&jid=1782468842&gjid=328828961&_gid=2091690816.1621512052&_u=YEBAAUAAAAAAAC~&z=1085811058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 May 2021 12:00:52 GMT
content-type: text/plain
access-control-allow-origin: https://gloss.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame EA57 637 B
514 B 6ms
5ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

server: nginx
date: Thu, 20 May 2021 12:00:52 GMT
content-type: text/html
last-modified: Tue, 11 May 2021 14:07:45 GMT
vary: Accept-Encoding
etag: W/"609a8fb1-27d"
expires: Thu, 12 May 2022 14:12:37 GMT
cache-control: max-age=31622400
access-control-allow-origin: https://jo.opensooq.com
access-control-allow-credentials: true
cache: HIT
x-cached-since: 2021-05-11T14:12:37+00:00
x-id: fr5-up-gc29
content-encoding: gzip

GET
H2 200 306443839e6ad02abd2f.b.js Show response
cdn.admixer.net/scripts3/ 82 KB
22 KB 7ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0e671a70fbf1155ed9ec58398fb6d144360a73646429e52701ef584533fbb610

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:36 GMT
server: nginx
etag: W/"609a8fa8-14745"
vary: Accept-Encoding
x-cached-since: 2021-05-11T14:12:36+00:00
content-type: application/javascript
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Thu, 12 May 2022 14:12:36 GMT

GET
H2 200 d9d92df4fba73716000e.b.js Show response
cdn.admixer.net/scripts3/ 92 KB
25 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e76161afe81de38b97738d5d9008b7f211017ed268ebc8998acce1f3e9c49f61

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:47 GMT
server: nginx
etag: W/"609a8fb3-16ee8"
vary: Accept-Encoding
x-cached-since: 2021-05-11T14:12:36+00:00
content-type: application/javascript
access-control-allow-origin: https://jo.opensooq.com
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Thu, 12 May 2022 14:12:36 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 sprite.png
gloss.ua/user/img/icons/ 13 KB
14 KB 80ms
80ms Image
image/png 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/user/img/icons/sprite.png
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 55504e4bf4db52ea9ddb498c660d030e24d69661a1a1cd8012d41d68ce28e8eb

Request headers

:path: /user/img/icons/sprite.png
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/user/css/bootstrap.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/user/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Tue, 17 Nov 2020 08:13:38 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: "5fb38632-355a"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13658
x-amz-cf-id: i6GSJdL5EQErWCC1SwuiPupmPZpcwjU7S1a7X0iHBIgVysTOQs3eIw==
expires: Sat, 19 Jun 2021 12:00:52 GMT

GET
H2 200 eye-open.svg
gloss.ua/user/img/icons/ 2 KB
1 KB 79ms
79ms Image
image/svg+xml 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/user/img/icons/eye-open.svg
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 3ae55faa9e2bca43b1cb2de84108084a97c2025a476b063eefdf5386fb62239b

Request headers

:path: /user/img/icons/eye-open.svg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/user/css/bootstrap.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/user/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 08:54:21 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5fc9f93d-895"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-id: 8NoeLdsIPnivTE-sTchsdJzG2xYRUqGP842HeTrNAfc4b7dA6buEJw==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a29d37c6cbf3c5499c91b3c7256943b2fa63595af09521c9c8b223d1b159b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:07:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:51 GMT
server: sffe
age: 35631
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9984
x-xss-protection: 0
expires: Fri, 20 May 2022 02:07:01 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/bootstrap.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 03:57:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:04 GMT
server: sffe
age: 547398
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15332
x-xss-protection: 0
expires: Sat, 14 May 2022 03:57:34 GMT

GET
H2 200 likely.js Show response
gloss.ua/user/js/ 28 KB
11 KB 45ms
45ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/likely.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 46eac06d72fc84a1f5d16649c8429fdb470ca17314e9046757f737c11c0adc94

Request headers

:path: /user/js/likely.js
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 02:57:24 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5f963b14-6e5b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: -KladI9EqXLKXgps5FSKCkhKt1HvVbth2vPW8Z9Rm6yZ2hX0iRFGwg==
expires: Sat, 19 Jun 2021 12:00:52 GMT

GET
H2 200 likely.css Show response
gloss.ua/user/css/ 10 KB
2 KB 76ms
76ms XHR
text/css 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/css/likely.css
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 6ac4a70918f423ebc3c22ef6848aacadfb2ceb65c9a97f98295355119f6b5b83

Request headers

:path: /user/css/likely.css
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 02:57:24 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5f963b14-27c1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-id: KZIGkR7ue3ij4yRIEH4btTaRMf6n8Qe-aHwcmRTFs5yJBubm0e51Jw==

GET
H2 200 gloss-app.js Show response
gloss.ua/user/js/ 6 KB
2 KB 46ms
45ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/gloss-app.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: a6066404120bbf3e4a08e8ff3caf6ec3d0128a10c0b64f48428693ff75f945d4

Request headers

:path: /user/js/gloss-app.js
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 13:39:57 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"604b6f2d-174d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: kvdPpAL0cV87YJ8tiH3tqcdlYPoFr4PV9HyHTwTGULZT9bbDIr_wAQ==
expires: Sat, 19 Jun 2021 12:00:52 GMT

POST
H2 200 profile Show response
gloss.ua/actions/banners/stat/articles_views/ 3 KB
1 KB 1216ms
1215ms XHR
application/json 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/actions/banners/stat/articles_views/profile
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 8e0ae319c0889182ffeaed511ab6b7201a039cb89d051d7340a25c1b790bed88

Request headers

sec-fetch-mode: cors
origin: https://gloss.ua
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
content-length: 3275
:path: /actions/banners/stat/articles_views/profile
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
pragma: no-cache
access-control-allow-origin: https://gloss.ua
last-modified: Thu, 20 May 2021 12:00:53 GMT
server: nginx/1.15.9
vary: Accept-Encoding
content-type: application/json
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
create-date: Thu, 20 May 2021 15:00:52 +0300
cache-control: no-cache post-check=0, pre-check=0
access-control-allow-credentials: true
set-cookie: vs=f11e82f124cfe55f46d3c40d13e0aaa5; expires=Wed, 11-Aug-2021 20:00:52 GMT; Max-Age=7200000; path=/; domain=.gloss.ua
x-amz-cf-id: mNpP5G2h2dYXQfGpaS2eEZDIzmS3yYztw9cXNrkf4N2OBE542Z1HtQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nprogress.min.js Show response
gloss.ua/user/js/ 4 KB
2 KB 48ms
47ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/nprogress.min.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 56e852a11b709e61ad947b2a575ad63efc7f5088ca7c18c73f1c3dc7518f7bad

Request headers

:path: /user/js/nprogress.min.js
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5fb24c31-100d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: wn8RLyKNiUB09z1ILsT-kuJVyLjnIrKBxUH-DDTFfTVEx7JnjTzpZQ==
expires: Sat, 19 Jun 2021 12:00:52 GMT

GET
H2 200 nprogress.min.css Show response
gloss.ua/user/css/ 1 KB
881 B 88ms
87ms XHR
text/css 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/css/nprogress.min.css
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 07acf5dda025a26dd027c17a49253ece9594d2cf09c87c8f18ac72b30b5969f2

Request headers

:path: /user/css/nprogress.min.css
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5fb24c31-5f4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
x-amz-cf-id: v19U8JcV_ytKqK6Fd0x8wU9YCQwnCWkmTc_h9R5mKgntQ_sUM3B4RQ==

GET
H3-29 200 BngRUXZYTXPIvIBgJJSb6u92w7CCwR26eg.woff2
fonts.gstatic.com/s/robotoslab/v7/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CCwR26eg.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf8bb591c1ef1b2c4571069ee87ea6032efe21bf084d8c452d6173de73e19fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 03:53:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:31:38 GMT
server: sffe
age: 29239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12960
x-xss-protection: 0
expires: Fri, 20 May 2022 03:53:33 GMT

GET
H2 200 play_1.svg
gloss.ua/user/img/ 354 B
664 B 88ms
88ms Image
image/svg+xml 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gloss.ua/user/img/play_1.svg
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/css/fixed-v6.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: e500996e8e7df0dad08ec55dfc1952614ef8f5c25ee6c5902e705268afb7651f

Request headers

:path: /user/img/play_1.svg
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gloss.ua
referer: https://gloss.ua/user/css/fixed-v6.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/user/css/fixed-v6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 09:56:17 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: "5fc61341-162"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 354
x-amz-cf-id: fhvDVIIMEEzWEfPliMpxD9fVGobK3S0PBC-MgueAcmuRlGnUpSunHQ==

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 06:54:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 450408
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 15 May 2022 06:54:04 GMT

GET
H3-29 200 BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v7/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f347eea1cf2a62ce1a9fda1f847b25a09ca73fe6ddb196aa014e705182b0288f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:53:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:31:03 GMT
server: sffe
age: 32858
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
expires: Fri, 20 May 2022 02:53:14 GMT

GET
H3-29 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v7/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e099f52508ea4e3c116643ff36383375e8ab33ce866e5ab4f17b63f142e98e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:15:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:31:35 GMT
server: sffe
age: 35117
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17424
x-xss-protection: 0
expires: Fri, 20 May 2022 02:15:35 GMT

GET
H3-29 200 BngRUXZYTXPIvIBgJJSb6u92w7CGwR0.woff2
fonts.gstatic.com/s/robotoslab/v7/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CGwR0.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c45003af2c9eeeec9ac1206dd1bb6d6b759798be69d22e87fa868dc8ca056bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 00:18:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:27:42 GMT
server: sffe
age: 474113
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17532
x-xss-protection: 0
expires: Sun, 15 May 2022 00:18:59 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
server: sffe
age: 352634
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15436
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
age: 352634
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8589f8de6cff2670debc131476efdd070303664bce3a0b7e231ef16a0bfb6bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 09:07:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:04 GMT
server: sffe
age: 183188
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
expires: Wed, 18 May 2022 09:07:44 GMT

GET
H2 200 / Show response
graph.facebook.com/ 224 B
672 B 71ms
56ms XHR
application/json 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&access_token=1729830587180291|102e6d79cda2fa63b65c99c039eed12a&fields=og_object%7Bengagement%7Bcount%7D%7D

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/js/likely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

803d3e2b5fb07d714a3dbe0d5ea121c6ca82702601b561a801b8008033e53a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "6c7678e21f864e3fd0faa7b934152c9860c4072e"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
x-fb-rev: 1003826076
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 163
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: gDNZCP3mAV+hFW8T2JtpTWXVKIdsoWfzPz65tIKXM63Erk//fE3wWLTNZ/lijExszicyltdlHrB1OmkrpysLWQ==
x-fb-trace-id: ABySG2Ddcc3
date: Thu, 20 May 2021 12:00:52 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A1RH3A1ugxR6V8vtn9d_ENn
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v8.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 129 B
356 B 125ms
107ms XHR
application/javascript 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&callback=jsonp

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/js/likely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

308a2d856bad31c2e55be39c55fecb20d8c9f4b97dba6591065820f0d7c8e3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
x-envoy-upstream-service-time: 1
x-pinterest-rid: 9421288722694626
content-length: 129
expires: Thu, 20 May 2021 12:15:52 GMT

GET
H2 200 fslightbox.js Show response
gloss.ua/user/js/ 30 KB
10 KB 50ms
50ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/fslightbox.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 355bd4d3f25252820d33d39b3bf8d4163c4fccc889429c48887e74e9951796b8

Request headers

:path: /user/js/fslightbox.js
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1; store.test=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Sun, 18 Oct 2020 16:43:06 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5f8c709a-79b4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: h36vLxoIosN2k-P23GPIemkY0ijmEMsJ0oQG0kwVM-IaoJonBCrmDg==
expires: Sat, 19 Jun 2021 12:00:52 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a5e801541ad45339529cf05cedf94755fee9a98b67160d9951c8f074464d6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GxlxV0WfS3GfOUCJYtbOOA==
cross-origin-resource-policy: cross-origin
expires: Thu, 20 May 2021 12:11:50 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: zb87s+vjFvoHRg8+uD92ntW/p0CzGMwJcaLccUj4892p6uF3bIOEEQArZ5MCcQpjIyF1ZDW753Uiq0WtL+8isg==
x-fb-trip-id: 917726464
x-fb-content-md5: 4403d9377c2c2687700e0129fcff08eb
date: Thu, 20 May 2021 12:00:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6aac9458b6604309e941553b6bdfe983"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 lozad.min.js Show response
gloss.ua/user/js/ 3 KB
2 KB 44ms
43ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/lozad.min.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: 3edce34d005dc482173865875381bd5224b5fab5260baf12bf54abbaa7a11143

Request headers

:path: /user/js/lozad.min.js
pragma: no-cache
cookie: vs=5e2cc96f6d71a177c71a8f07e7177277; _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1; store.test=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:52 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5fb24c31-dea"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: GUftMO_tVBQ9BnLqwOnc5RYwurKR54dHDCmL7ljZl97BUMNdJCQJrA==
expires: Sat, 19 Jun 2021 12:00:52 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/ru_RU/ 215 KB
64 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=a50ad5eb81002d9644ad03fbd02cfb31&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b5b0be9c7b9a1ab11e553060fd018f95e2cc35b137c6de36f2115c209f928e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vbY+SK4HACnj9ilOqvEyfw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64989
x-fb-rlafr: 0
x-fb-debug: wzk1B/OwdD/CgnEzVTkc2Ok/8a8y2kXuL7ZkW5sdfUBQ1WKXa74hNbEjXGK0ol9wZCTVhW0+1/6SK3ZRC5ovkg==
x-fb-content-md5: 4372bc360c661cd34fde40ba39448717
x-frame-options: DENY
date: Thu, 20 May 2021 12:00:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6e2e4507f7d4da88ade0c95676531f47"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 11:46:19 GMT

GET
H3-29

200

feedback.php Show response
www.facebook.com/plugins/ Frame 256E
Redirect Chain

https://www.facebook.com/v2.12/plugins/comments.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3...
https://www.facebook.com/plugins/comments.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss...
https://www.facebook.com/plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss...

111 KB
26 KB

102ms
102ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=a50ad5eb81002d9644ad03fbd02cfb31&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17574661f647f47004e9c88d1d22adc9654a3129701872c5a61f5e4cdc38e200

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: 3on861nbDziPNK4A2KD9X6EERjvN/amCf56Sb19Ikq7loclxhMe9NzinRBObVcfdFKT5vl280mkioEx96Bty4g==
date: Thu, 20 May 2021 12:00:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 84cPUxJOwrokx018DcsWekG2MV8uPkganDCKVbkjLBDtNJZsLKn0pBPpZQ8uBz3573siiJe3SLBLeS8lVDurCw==
content-length: 0
date: Thu, 20 May 2021 12:00:52 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 page.php Show response
www.facebook.com/v2.12/plugins/ Frame 8CC4 55 KB
17 KB 203ms
194ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=a50ad5eb81002d9644ad03fbd02cfb31&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3dabf2c4fe82c99700c5566963d716e86df1210676103b674fed928e8ad73e6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.3
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: HU5cnds2upA23JWrmbrcqKT7pNnkBtc51vM9WblKkDVM1vbfseOciBJgnYJfWSzMbCU67mtqzR6SQdo8HFgzsQ==
date: Thu, 20 May 2021 12:00:52 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 dGyBNschFSy.css
www.facebook.com/rsrc.php/v3/yH/l/0,cross/ Frame 8CC4 27 KB
6 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/dGyBNschFSy.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564219d2e74f1d2a3db8f93d0d78b161d8720b5df1a15a2930ad0c3aa9b68b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 16:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ai4jrSolxdI4DxYyLv7C+g==
cross-origin-resource-policy: cross-origin
content-length: 6234
x-fb-rlafr: 0
x-fb-debug: NQ5All8KarTthy8a64kJg0bCPIiOf83F/DTmV1DbBhlWgA3EXHW+D2OzjaqqCS0RsdT2oaSEwJ+/zQWhiYv5fg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 16:13:10 GMT

GET
H3-29 200 oJrb3s-Lusb.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame 8CC4 293 KB
80 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/oJrb3s-Lusb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d6bc34f42a2d91ad2a2e83cae5a83aa5e0eeae8e2b6800cbac0cc5619e41aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 22:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aDm6M8NFCe9jW1YFZ1k/yA==
cross-origin-resource-policy: cross-origin
content-length: 81414
x-fb-rlafr: 0
x-fb-debug: k40nfqTMX6Ayx8sd1hS1J/dcR7DNsRs74N7e1xtN/D8BC5nSSVihLyGbHus9TcI29Z1r/l2za++G+jmCh2fsWg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 22:33:40 GMT

GET
H3-29 200 K9HKN1IToZS.js Show response
www.facebook.com/rsrc.php/v3/yK/r/ Frame 8CC4 63 KB
19 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/r/K9HKN1IToZS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51cea5995d98be6f4ae4ba32b305aba45a876547860b278a0fe86adeb8736768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 03:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 020vXGECFr3dmY4IQA0Jmg==
cross-origin-resource-policy: cross-origin
content-length: 19605
x-fb-rlafr: 0
x-fb-debug: jB5K1hHnuMqu9i2b4sIc+GWQe6GLqsJRJlQLQF0s6OjRD9QmAHXaBdVOY5csuyOWUp6u6v5uQ9Vf9n6FR64G8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 03:43:41 GMT

GET
H3-29 200 Sy0gNxrJTY0.js Show response
www.facebook.com/rsrc.php/v3iI4w4/yh/l/ru_RU/ Frame 8CC4 130 KB
36 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iI4w4/yh/l/ru_RU/Sy0gNxrJTY0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3068a1e4f3aa565fd4d61bae0b42fae278859f3b2e7d0e5e17c4cb7fa9d68c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 20:06:36 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DGY20WIJGEe1PAYVEj1dhQ==
cross-origin-resource-policy: cross-origin
content-length: 36735
x-fb-rlafr: 0
x-fb-debug: 7JvwNLgR05OQolmurMrfcGdl8nh5H+l/zEvjvlY0cFoeCjvRemQ/XQeSjwoz4V6UGokbDNOAznoqh4dmHwWf2w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 May 2022 20:06:36 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame 8CC4 5 KB
2 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 01:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: 2nA+GAgItYdp+lW6SpZhaE8Ejhp7glxENDMTuwQ5EyhYazlke4oqaTPUtKQGRpUGVhlRQhPiUmemjZC+/slpcA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 01:24:25 GMT

GET
H2 200 121387264_10157966798338471_4943583367370931312_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-0/p296x100/ Frame 8CC4 13 KB
13 KB 7ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-0/p296x100/121387264_10157966798338471_4943583367370931312_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=dd9801&_nc_ohc=aowRuvGILU4AX-cjseP&_nc_ht=scontent.xx&tp=6&oh=7e539c9b8106092310b6aefb2b552199&oe=60CCA020
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 10b5c4ba36de35a1248842af9414553c31daa8d1ff3882ee9d9d0427d8aaff0b

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1703118199
date: Thu, 20 May 2021 12:00:53 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 12 Oct 2020 13:54:20 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3794972305
x-fb-config-version-olb-prod: 5259cb536aba4013b199a505360bb084
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 12880

GET
H2 200 39216138_10155963322273471_7083062423053139968_n.png
scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 8CC4 2 KB
2 KB 6ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/39216138_10155963322273471_7083062423053139968_n.png?_nc_cat=103&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=ykACopDt5noAX9op4-Y&_nc_ht=scontent.xx&tp=30&oh=ed65f6701ec70126d92ea9836fc8ebd9&oe=60CB39A8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5df82a741f35f402aec3988e3229a76506426466186a5ebb21813cb96efc1614

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4209806785
date: Thu, 20 May 2021 12:00:53 GMT
x-fb-trip-id: 917726464
last-modified: Wed, 15 Aug 2018 13:27:50 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2529992216
x-fb-config-version-olb-prod: 5259cb536aba4013b199a505360bb084
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1792

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 8CC4 573 B
623 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/dGyBNschFSy.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/dGyBNschFSy.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: eOuHerzS05PYKhVc9qhtMaL7K6ieL7g9xi13v99RYzaWVs+YNrDZbaAuoCxNCw/EoPVZWGpQEsVmfM8HUFnpIA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Sat, 15 May 2021 00:13:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 573
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Sun, 15 May 2022 00:13:03 GMT

GET
H3-29 200 OWZp4_xUa5c.js Show response
www.facebook.com/rsrc.php/v3/yk/r/ Frame 8CC4 568 B
404 B 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yk/r/OWZp4_xUa5c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/r/oJrb3s-Lusb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c697102f60f02fbc9ea436f688817b3049d59c9a96653d78d934eea29cc7ac1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OEnCG1axKeLJjF1QKg+YKQ==
cross-origin-resource-policy: cross-origin
content-length: 352
x-fb-rlafr: 0
x-fb-debug: hVSU68r5Z12NU98rmKDIcIGGyTpa5iPE365r0uKHgC1LQo+7M9e/tcL8ehyaTNJbj01DbPNuwV+vmOMy94vb5g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 19:12:52 GMT

GET
H3-29 200 p_rTUgzMfWo.js Show response
www.facebook.com/rsrc.php/v3/yD/r/ Frame 8CC4 17 KB
6 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yD/r/p_rTUgzMfWo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/r/oJrb3s-Lusb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cbc34c853bd77e1fba169f18ed8f02f906918ea509dfb94816b2ddb25d41d43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 16:20:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0Bj9eVbtmjSDJ4+VPWKj4w==
cross-origin-resource-policy: cross-origin
content-length: 5661
x-fb-rlafr: 0
x-fb-debug: rbx2TznnpnHz0hgQZKUb5EAem+mQXwIgAtTjyX6syN82H79b6A2G+AgQPF/Ht1yf7bSaS47RDBKq+mdAxzP1Zg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 16:20:44 GMT

GET
H3-29 200 cxXHWgcb5hd.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame 8CC4 5 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/cxXHWgcb5hd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/r/oJrb3s-Lusb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e789f58ea6ebfb3eb1a0d85fc19d3676857fdbb7ae8d11ae6c047f4137ecf77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 22:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7VMjtALUbazakPOCe5J/bg==
cross-origin-resource-policy: cross-origin
content-length: 1854
x-fb-rlafr: 0
x-fb-debug: 2gE7QOLJNhsgsIK7ldhfkRuQvUtFS0rXWmy+XXCEtZdy2SrzlfUsWWKJpV6YXP6qbyR3JsgagVKd8Px8is0RHQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 22:22:42 GMT

GET
H3-29 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame 8CC4 7 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/r/oJrb3s-Lusb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v2.12/plugins/page.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df123df367cf06b%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgloss.ua%2F&locale=ru_RU&sdk=joey&show_facepile=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy: cross-origin
content-length: 2270
x-fb-rlafr: 0
x-fb-debug: LaMWYoGJbmoQ38Uf06ZaYazB/maif2aureE3y1YZLxe0QH6uA401NnmFrrm/0dvcxhHAy5Uu2RSji/3MC7hxsQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 02:18:26 GMT

GET
H2 200 6N8GLr7UNkX.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ Frame 256E 55 KB
11 KB 25ms
7ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/6N8GLr7UNkX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=123293907687725&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df20c558774b8df4%26domain%3Dgloss.ua%26origin%3Dhttps%253A%252F%252Fgloss.ua%252Ff33bba46fb2b624%26relation%3Dparent.parent&container_width=670&height=100&href=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&locale=ru_RU&numposts=5&sdk=joey&version=v2.12&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893363da7fd2a5f63da4e52646bd1e3138de0ec9efc53aac865ae09d5a2c7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pbByt8RhE3HoL7okHN9j8A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11237
x-fb-rlafr: 0
x-fb-debug: qYzfjD9jnEOAdJFRpT1MyiWN0woIMfFZhkMTT7ym7GZGxvzJYyEe3Q7uEs5/zEAaFo0ZGjOD6ju3ijT+L0Sd7A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 18:19:11 GMT

GET
H2 200 of3W6kmxqoW.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame 256E 127 KB
21 KB 23ms
7ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cb0b17af2e69cc2c148c2d0834edb7413541002a6146fcf387fcf316fd19905

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 90OHvJ4EZtjVln9Miwp8BA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20852
x-fb-rlafr: 0
x-fb-debug: bvZVBH+cj3hv4qY09cNcgqPLT7WRbcY7x36H/aaEnDsCtlesShANd7v5kkuufeTneAOBMKs3sULkR5oOfCX7/g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 19 May 2022 16:20:43 GMT

GET
H2 200 oJrb3s-Lusb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 256E 293 KB
80 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/oJrb3s-Lusb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d6bc34f42a2d91ad2a2e83cae5a83aa5e0eeae8e2b6800cbac0cc5619e41aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aDm6M8NFCe9jW1YFZ1k/yA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 81414
x-fb-rlafr: 0
x-fb-debug: k40nfqTMX6Ayx8sd1hS1J/dcR7DNsRs74N7e1xtN/D8BC5nSSVihLyGbHus9TcI29Z1r/l2za++G+jmCh2fsWg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 22:33:40 GMT

GET
H2 200 2bU9hU0RanO.js Show response
static.xx.fbcdn.net/rsrc.php/v3i6l24/y2/l/ru_RU/ Frame 256E 157 KB
44 KB 35ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i6l24/y2/l/ru_RU/2bU9hU0RanO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c177cd91e6820c92e6734c753c5427adf119c24109741f58fce702af10bb4421

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Qvl+zL2obu6pjKg1SoJmTw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44442
x-fb-rlafr: 0
x-fb-debug: vRK20yID9CPQVUmGxibOYPEAolwOfsySsphHd28X+hg9ElCt5rXgjapK1jz50ANJhgr6CRnO6si4bjBeB0uhCA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 03:47:28 GMT

GET
H2 200 68ELP8nqns2.js Show response
static.xx.fbcdn.net/rsrc.php/v3i8C14/yp/l/ru_RU/ Frame 256E 38 KB
11 KB 34ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i8C14/yp/l/ru_RU/68ELP8nqns2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5c7fa5c4d92e8298e6e72aa9b9a8680e477fccd573b335ca0ad4c2d37420308

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: r4POyKYJ5iiVn4Dg1VE71A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11530
x-fb-rlafr: 0
x-fb-debug: FTA0vc9BsQZGu5AjPfgrNvcTWtphWmOyCTPWKXDZ5yatWWda8FxKR/tA3xz/lFlhMf/jiK1AwjI6U8N7Ev1HFA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 00:01:48 GMT

GET
H2 200 3x1KAwoDIIG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSSS4/yv/l/ru_RU/ Frame 256E 1 MB
324 KB 33ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSSS4/yv/l/ru_RU/3x1KAwoDIIG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6bfa2404f50b950e51de5104cb4ab70e5be066c1d244f85364b6e8d2b4ea845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8R/RCwpZO3nsU34epJa43w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 331239
x-fb-rlafr: 0
x-fb-debug: Kofs2UXEFPb9506WCO0NUyiPVMmmoRJgIOyaQkIZa9A+wzeAPMjt1/VlM6oJU2CQYI7KD5aCUB/r5T5oCuPs+g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 00:47:33 GMT

GET
H2 200 e5r4-M0wLBD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 256E 35 KB
11 KB 33ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/e5r4-M0wLBD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5a83eabfb238c654e3791a5873f78692575aa779159a35f2b373ee0d767e1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: daynVQWmFhHvfwcLIN/U8w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11196
x-fb-rlafr: 0
x-fb-debug: enSTj67DhqCmnNJtkI2SrmiibE7S8PIvttzzVzaAKqgmJ4/9P/0OpmMmp52EdANpPXWfxT4QoMU0SgY3fE5YEA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 21:50:30 GMT

GET
H3-29 200 4vSS-ujAKMP.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 256E 51 KB
51 KB 14ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/4vSS-ujAKMP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: s4YTsi34XyA4MzgfoWHFsIjSmsf2Dox1jMJrLQ25/SN4drtGFA7PSzFnB/K9w6K0iIgrhDeV0/Os2gekXOjwvw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: umwqwUgDRbunxPVSLaal0g==
date: Thu, 20 May 2021 12:00:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 52671
x-fb-rlafr: 0
expires: Thu, 19 May 2022 01:08:16 GMT

GET
H3-29 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 256E 1 KB
1 KB 6ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: DS0l3X2SjWgyz/W4hJIApBzGm9k/e9Y4VYkTGb7aR+3wtGDgR34ujyPdnDhF/qykerJQ4Gc/KgAv/dvYt+/USg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
date: Thu, 20 May 2021 12:00:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 1131
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Sat, 14 May 2022 23:50:21 GMT

GET
H/1.1 200
OK s Show response
h.holder.com.ua/ 1 KB
2 KB 103ms
32ms Script
text/javascript 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b3467&p1&c1&r0.68546402&dholder_640x360_3467&hhttps%3A//gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: ea3676ec6710be8b4f8489021b0ef2ef39b387af6de5d08a128a5d5e23327518

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
P3P: policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Keep-Alive: timeout=5
Content-Length: 1414
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 branding.js Show response
gloss.ua/user/js/ 4 KB
2 KB 44ms
44ms Script
application/javascript 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/js/branding.js
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash: a28703ce179064607514318635ee6f2f733385950462ebcdb2d7daf9a2e149f5

Request headers

:path: /user/js/branding.js
pragma: no-cache
cookie: _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1; store.test=; vs=f11e82f124cfe55f46d3c40d13e0aaa5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gloss.ua
referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 13:39:06 GMT
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
etag: W/"5fd224fa-fe9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-id: 808xz0tz9k9yZYCYggTwQNPIN5FNtKwKWhCaBCry_PdEsrjswFOkFQ==
expires: Sat, 19 Jun 2021 12:00:53 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 14 KB
4 KB 25ms
9ms Script
application/javascript 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9353347318774398&cpv=32c8400c-2289-89fe-9127-7302659cc3ac&responseType=default&uids=%7B%7D&fpd=%7B%7D&data=%7B%22id%22%3A%22c6fa76c6-83e6-4950-b72d-99e4b8997718%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgloss.ua%252Fpress-release%252F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274997cf6-8a08-968c-5e87-ed40dbe9481e%22%2C%22tagid%22%3A%22fbc9c5f6-46be-4905-a275-6cce8bccc85a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_premium_inner%22%2C%22pos%22%3A1%7D%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

7a9c13ce955591e0934480815ec2dd24680a7c4cab16ef137d20d2146ce7f456

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 3618
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 10 KB
4 KB 24ms
9ms Script
application/javascript 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1506558585868398.2&cpv=32c8400c-2289-89fe-9127-7302659cc3ac&responseType=default&uids=%7B%7D&fpd=%7B%7D&data=%7B%22id%22%3A%22c3d87a6e-7f3f-01b2-8156-b27b4747d172%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgloss.ua%252Fpress-release%252F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e6e47441-899c-2450-f8a8-a52f2ef3c8bf%22%2C%22tagid%22%3A%22737f5c15-3bfb-428a-aa43-3dcdf26eb14c%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_rm_inner%22%2C%22pos%22%3A0%7D%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

8eafa395e8d6d11d2aecefd1b87583205ba78a973b260d6bb3aceb2f9c0e1be7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 3651
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 12 KB
4 KB 35ms
20ms Script
application/javascript 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8020164340976255&cpv=32c8400c-2289-89fe-9127-7302659cc3ac&responseType=default&uids=%7B%7D&fpd=%7B%7D&data=%7B%22id%22%3A%2261c64ed3-bebf-21f3-8cf3-46a7fb176992%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgloss.ua%252Fpress-release%252F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254309647-2480-fb17-81b7-5be235411720%22%2C%22tagid%22%3A%226e34ac41-f6e8-42d8-8020-0a281cf4438c%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_top_inner%22%2C%22pos%22%3A1%7D%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

158b733d7ea2566df2cce3580ac2744d7302e3007224b6cb15e430a7aabe2156

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 3513
X-Xss-Protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 51ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gloss.ua
date: Thu, 20 May 2021 12:00:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
ww251.smartadserver.com/prebid/ 0
316 B 84ms
29ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww251.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:53 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://gloss.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 50ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gloss.ua
date: Thu, 20 May 2021 12:00:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
316 B 69ms
28ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:53 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://gloss.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1DD5 2 KB
818 B 41ms
8ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59d216e971852f2

Requested by

Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9353347318774398&cpv=32c8400c-2289-89fe-9127-7302659cc3ac&responseType=default&uids=%7B%7D&fpd=%7B%7D&data=%7B%22id%22%3A%22c6fa76c6-83e6-4950-b72d-99e4b8997718%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgloss.ua%252Fpress-release%252F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274997cf6-8a08-968c-5e87-ed40dbe9481e%22%2C%22tagid%22%3A%22fbc9c5f6-46be-4905-a275-6cce8bccc85a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_premium_inner%22%2C%22pos%22%3A1%7D%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59d216e971852f2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 95ms
28ms Image
image/gif 52.19.6.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=6dfec62090234229bf17b3098782ac33&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.6.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
252 B

13ms
12ms

Image
image/gif

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:53 GMT, Thu, 20 May 2021 12:00:53 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 20 May 2021 12:00:53 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
904 B 1088ms
269ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=6dfec62090234229bf17b3098782ac33
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20-May-2021 21:00:53 +0900
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Type: image/gif;
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4c7191b3-e9ef-528c-b623-5922d6851657

43 B
448 B

9ms
9ms

Image
image/gif

146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4c7191b3-e9ef-528c-b623-5922d6851657

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4c7191b3-e9ef-528c-b623-5922d6851657
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ 0
0 891ms
621ms Image
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://gloss.ua
Access-Control-Allow-Credentials: true

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-6398147516
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=A0PRD-u5mHsdSidrn-JOibw

43 B
448 B

71ms
70ms

Image
image/gif

146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=A0PRD-u5mHsdSidrn-JOibw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:54 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 12:00:53 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=A0PRD-u5mHsdSidrn-JOibw
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEDDtmBRmnmnJ5sN7fqv0FyY&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

35 B
351 B

51ms
20ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmRmZWM2MjA5MDIzNDIyOWJmMTdiMzA5ODc4MmFjMzM=&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NmRmZWM2MjA5MDIzNDIyOWJmMTdiMzA5ODc4MmFjMzM=&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEJ-kBshzH2iLG6K8uuBdT3g&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

35 B
351 B

47ms
18ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 220a3ab992256d1ee152.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
11 KB 20ms
19ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/220a3ab992256d1ee152.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:35 GMT
server: nginx
etag: W/"609a8fa7-7029"
vary: Accept-Encoding
x-cached-since: 2021-05-11T14:12:37+00:00
content-type: application/javascript
access-control-allow-origin: https://nayrouz.com
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Thu, 12 May 2022 14:12:37 GMT

GET
H2 200 ede2c96e6a0d474ef44e.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
18 KB 21ms
20ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ede2c96e6a0d474ef44e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:48 GMT
server: nginx
etag: W/"609a8fb4-a7af"
vary: Accept-Encoding
x-cached-since: 2021-05-11T14:12:34+00:00
content-type: application/javascript
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Thu, 12 May 2022 14:12:34 GMT

GET
H2 200 ef30fd68f07ce65f2dec.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 21ms
19ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ef30fd68f07ce65f2dec.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:49 GMT
server: nginx
etag: W/"609a8fb5-326c"
vary: Accept-Encoding
x-cached-since: 2021-05-11T14:12:34+00:00
content-type: application/javascript
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Thu, 12 May 2022 14:12:34 GMT

GET
H2 200 c9b3c2772742a8f4dab8.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 21ms
20ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c9b3c2772742a8f4dab8.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:45 GMT
server: nginx
etag: W/"609a8fb1-2a79"
vary: Accept-Encoding
x-cached-since: 2021-05-11T14:12:34+00:00
content-type: application/javascript
access-control-allow-origin: https://www.gismeteo.ua
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Thu, 12 May 2022 14:12:34 GMT

GET
H2 200 910dbc9c4cc7e1fe13ea.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
73 KB 22ms
20ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/910dbc9c4cc7e1fe13ea.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: dce31a6eb9372790fc1bffe91850698f06d5f85efe59555770f63aa8f0693537

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 14:07:41 GMT
server: nginx
etag: W/"609a8fad-35418"
vary: Accept-Encoding
x-cached-since: 2021-05-18T17:25:10+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Thu, 19 May 2022 17:25:10 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 949C 2 KB
818 B 36ms
8ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59d216e971852f2

Requested by

Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1506558585868398.2&cpv=32c8400c-2289-89fe-9127-7302659cc3ac&responseType=default&uids=%7B%7D&fpd=%7B%7D&data=%7B%22id%22%3A%22c3d87a6e-7f3f-01b2-8156-b27b4747d172%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgloss.ua%252Fpress-release%252F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e6e47441-899c-2450-f8a8-a52f2ef3c8bf%22%2C%22tagid%22%3A%22737f5c15-3bfb-428a-aa43-3dcdf26eb14c%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_rm_inner%22%2C%22pos%22%3A0%7D%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59d216e971852f2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YTM5MjNkMWZjZjkwNDY2OGE1ZDg1ZTI5M2EwMzE1MDM=&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YTM5MjNkMWZjZjkwNDY2OGE1ZDg1ZTI5M2EwMzE1MDM=&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELvWtOF_av1mzv4td-yWlXc&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

35 B
351 B

32ms
15ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
148 B 30ms
29ms Image
image/gif 52.19.6.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=a3923d1fcf904668a5d85e293a031503&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.6.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
904 B 1073ms
267ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=a3923d1fcf904668a5d85e293a031503
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20-May-2021 21:00:53 +0900
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Type: image/gif;
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 37ms
13ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gloss.ua
date: Thu, 20 May 2021 12:00:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 38ms
14ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gloss.ua
date: Thu, 20 May 2021 12:00:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
316 B 63ms
28ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/306443839e6ad02abd2f.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:53 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://gloss.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 3B41 2 KB
818 B 12ms
7ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59d216e971852f2

Requested by

Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8020164340976255&cpv=32c8400c-2289-89fe-9127-7302659cc3ac&responseType=default&uids=%7B%7D&fpd=%7B%7D&data=%7B%22id%22%3A%2261c64ed3-bebf-21f3-8cf3-46a7fb176992%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgloss.ua%252Fpress-release%252F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254309647-2480-fb17-81b7-5be235411720%22%2C%22tagid%22%3A%226e34ac41-f6e8-42d8-8020-0a281cf4438c%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_top_inner%22%2C%22pos%22%3A1%7D%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59d216e971852f2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZWJiM2QzYzEzYTIzNDBiMWE2NWNkM2FhZDE5YTc3MGE=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEB4kvBVVsT5Y3QQbJsk7Oh4&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a

35 B
351 B

44ms
15ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ebb3d3c13a2340b1a65cd3aad19a770a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
148 B 32ms
28ms Image
image/gif 52.19.6.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=ebb3d3c13a2340b1a65cd3aad19a770a&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.6.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
904 B 1074ms
268ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=ebb3d3c13a2340b1a65cd3aad19a770a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20-May-2021 21:00:54 +0900
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Type: image/gif;
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 27 KB
9 KB 57ms
18ms Script
application/javascript 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1560&height=300&width=400&tld=gloss.ua&ctype=div
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8fbe99cac77c56627e9529552e91498163cb49c395e5dd7e0aa8e24ff07c74e5

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 19:18:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6009d36e-6cbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 20 May 2021 13:00:53 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 1073ms
1056ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=a3923d1fcf904668a5d85e293a031503&zone=737F5C15-3BFB-428A-AA43-3DCDF26EB14C&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=ad387e58-341a-4e62-b947-a9d9d07bb3b8&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=NDU%3D&asign=-1088770120&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=4CF415EB-B771-4EAD-AB42-B8DBC04EED68&crid=4CF415EB-B771-4EAD-AB42-B8DBC04EED68&profile=8CE3C9F8-1FF1-4973-ACDD-1B5B50E46075&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:54 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 19ms
6ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=ebb3d3c13a2340b1a65cd3aad19a770a&zone=6E34AC41-F6E8-42D8-8020-0A281CF4438C&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=f4c64ecf-9fde-4afe-b420-26e19f0d013a&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537621789&ap=MA%3D%3D&asign=-897694831&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&crid=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&size=350x240&profile=A01BDF0B-F125-40F1-9022-C7F2F7F7F847&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 7ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MA%3D%3D&asign=-316392887&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&crid=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&size=350x240&profile=5EEA8F57-F0AA-4422-A5D9-20C13E0F2FBF&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 7ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MA%3D%3D&asign=-316392887&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&crid=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&size=350x240&profile=476857EE-5211-4F53-A2E9-6B14A06EFC2C&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 7ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=ebb3d3c13a2340b1a65cd3aad19a770a&zone=6E34AC41-F6E8-42D8-8020-0A281CF4438C&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=f4c64ecf-9fde-4afe-b420-26e19f0d013a&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537621789&ap=MA%3D%3D&asign=-897694831&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&crid=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&size=350x240&profile=36DBA250-021E-4192-BB34-F2EE916251DD&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 12ms
6ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MA%3D%3D&asign=-316392887&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=D0EEA9F9-C933-4D86-8C78-4628D65839DD&crid=D0EEA9F9-C933-4D86-8C78-4628D65839DD&size=350x240&profile=08C7770D-D6A5-444B-8C99-6C11B1376450&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A96D 132 KB
47 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 12:00:53 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 13ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=ebb3d3c13a2340b1a65cd3aad19a770a&zone=6E34AC41-F6E8-42D8-8020-0A281CF4438C&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=f4c64ecf-9fde-4afe-b420-26e19f0d013a&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537621789&ap=MA%3D%3D&asign=-897694831&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&crid=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&size=350x240&profile=A30ACB44-18F1-45CA-BA85-5B440B44C7DF&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 12ms
6ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=ebb3d3c13a2340b1a65cd3aad19a770a&zone=6E34AC41-F6E8-42D8-8020-0A281CF4438C&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=f4c64ecf-9fde-4afe-b420-26e19f0d013a&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537621789&ap=MC4zNzQxNjY%3D&asign=1810625340&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&crid=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&size=728x90&profile=45223BF7-5B11-417C-A48B-79F59E3A3175&adv=Google&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 58F0 132 KB
47 KB 38ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 12:00:53 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 8ms
7ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MA%3D%3D&asign=-316392887&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=742F880D-0B09-4A22-9509-965113280D36&crid=742F880D-0B09-4A22-9509-965113280D36&size=350x240&profile=C27F7D27-35B0-471E-9AB7-5DD4D760EF40&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 7ms
6ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MS4x&asign=1605920783&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=154AB39E-2430-4ED0-B469-A2976796237E&crid=154AB39E-2430-4ED0-B469-A2976796237E&size=300x600&profile=DF512DF6-B57D-4C30-9173-E7AF47B59252&adv=Google&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:53 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 gloss.ua.720031.js Show response
jsc.mgid.com/g/l/ Frame 33C2 602 KB
124 KB 53ms
36ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b3467&p1&c1&r0.68546402&dholder_640x360_3467&hhttps%3A//gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7b6da2a827a640423cbca9ef5f150970b8cf40accbd930af6cc89e5905614c

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 4345
cf-polished: origSize=615962
last-modified: Tue, 18 May 2021 09:39:35 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MVSM3PMNC6ATMVS9
x-amz-id-2: OIVAtPHWXeEjGSGjfSwlhfEUK68vtL36xKYg6MlrEdU5qNkvQyFenRjdSHsnKgM987Sgfz/PrYc=
cf-bgj: minify
server: cloudflare
etag: W/"df1e8a5989cb48ee04f4f234b13d4dc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0a2b3f7cfa0000535dd98d9000000001
cf-ray: 6525684189be535d-FRA
expires: Thu, 20 May 2021 15:00:54 GMT

GET
H2 200 cmeter_an.js Show response
source.mmi.bemobile.ua/cm/ 10 KB
4 KB 132ms
60ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b3467&p1&c1&r0.68546402&dholder_640x360_3467&hhttps%3A//gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-2699"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET
H/1.1 200
OK s
h.holder.com.ua/ 3 B
371 B 32ms
31ms Image
application/x-www-form-urlencoded 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.holder.com.ua/s?tv&p1&b3467&r1199559603
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 May 2021 12:00:54 GMT
Server: nginx
Content-Type: application/x-www-form-urlencoded; charset=windows-1251
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 3
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 14 KB
6 KB 45ms
45ms XHR
application/json 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1560&height=300&width=400&tld=gloss.ua&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=gloss.ua&top_url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&domain=gloss.ua&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&referrer=&async=1&uid=3768460222
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1560&height=300&width=400&tld=gloss.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 91c7758561261be22d7c120ff2d7f703e188a349f9bf548a1de54eabbcb14c63

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://gloss.ua
date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@6.6.2/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@6.6.2/swiper-bundle.min.css

14 KB
4 KB

15ms
14ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.6.2/swiper-bundle.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a9ae2aee9ffe0232fd5ab30974d2cd772577995295f98fa03c602fc207015de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81161
fly-request-id: 01F62CZTSB3TMBHXQSNWMKB1MP
content-encoding: br
vary: Accept-Encoding
cf-request-id: 0a2b3f7d010000d721ab8f4000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"362f-5NL9l/qdtFSUT06mOvvLtdg+2r0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 652568419925d721-FRA

Redirect headers

date: Thu, 20 May 2021 12:00:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 452
vary: Accept, Accept-Encoding
cf-request-id: 0a2b3f7cef0000d721d21dd000000001
fly-request-id: 01F64SYTPNZKA95B6V1EQY5RZY
server: cloudflare
location: /swiper@6.6.2/swiper-bundle.min.css
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
cf-ray: 6525684178ebd721-FRA

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 18ms
18ms Script
application/javascript 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1560&height=300&width=400&tld=gloss.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dcc9686092380ed166b3d71b02b857582a146063405edf63cf73a344bf234369

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Wed, 19 May 2021 13:36:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"60a51446-2a83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 20 May 2021 13:00:53 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 148 KB
47 KB 22ms
22ms Script
application/javascript 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1560&height=300&width=400&tld=gloss.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2c55231607eaf6c232fbbb071554d69927b2c520394b6a2e7ccf5c33b3cde101

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:53 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 12:20:15 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6076ddff-250e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 20 May 2021 13:00:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1560&height=300&width=400&tld=gloss.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c359acff62e450608a2fb3f67b480f7525cedb358a3b160750d086ecfcd708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "877 / 201 of 1000 / last-modified: 1621509323"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21323
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@6.6.2/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

141 KB
36 KB

40ms
40ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81160
fly-request-id: 01F62CZT1XGQREQPFRDWBPQVA5
content-encoding: br
vary: Accept-Encoding
cf-request-id: 0a2b3f7d470000d72169806000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"233d7-mZelZ23GqQ/jYOpc8MQCKmqF0Cg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 652568420a1fd721-FRA

Redirect headers

date: Thu, 20 May 2021 12:00:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19
vary: Accept, Accept-Encoding
cf-request-id: 0a2b3f7d130000d7217fb93000000001
fly-request-id: 01F64TC2Y54MX18VB1AF5CY9X3
server: cloudflare
location: /swiper@6.6.2/swiper-bundle.min.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
cf-ray: 65256841b965d721-FRA

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 39ms
37ms Stylesheet
text/css 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1560&height=300&width=400&tld=gloss.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
372 B 317ms
103ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 55ms
17ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
ad.vidver.to/delivery/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=ce738940-be5b-48a0-afe8-1d52cfa49d9a&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=ce738940-be5b-48a0-afe8-1d52cfa49d9a&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D67efa17d-486d-4e37-b217-58b4f8e2...
https://x.bidswitch.net/sync?dsp_id=80&user_id=131f60a6-4f76-4500-95f1-9e46b25dac4f&expires=30&ssp=prodoohmox&bsw_param=67efa17d-486d-4e37-b217-58b4f8e223fd&gdpr=0&gdpr_consent=
https://ad.mox.tv/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd
https://ad.mediawayss.com/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
https://ad.outstream.today/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
https://ad.adopx.net/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
https://ad.invamia.com/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
https://ad.vidverto.io/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=YWQudmlkdmVyLnRv
https://ad.vidver.to/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=

0
431 B

62ms
20ms

Image
text/html

190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 May 2021 12:00:55 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

location: https://ad.vidver.to/delivery/sync?userid=67efa17d-486d-4e37-b217-58b4f8e223fd&inner_redirect=1&inner_uuid=ecb2138b-fab0-4ba9-aa32-75559325026a&redirect_host_list=
date: Thu, 20 May 2021 12:00:55 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a29d37c6cbf3c5499c91b3c7256943b2fa63595af09521c9c8b223d1b159b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:07:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:51 GMT
server: sffe
age: 35633
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9984
x-xss-protection: 0
expires: Fri, 20 May 2022 02:07:01 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 03:57:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:04 GMT
server: sffe
age: 547400
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15332
x-xss-protection: 0
expires: Sat, 14 May 2022 03:57:34 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame 58F0 231 KB
85 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=gloss.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame C074 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlDn9ZFw3ptroMpSsdYhlpyYrJVJ8lk1YjFPIM0Gdc21NEQxs8rwSY369rXcHk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 19 May 2021 22:33:52 GMT
expires: Wed, 02 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 48422
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame A96D 231 KB
85 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=gloss.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H2 200 pubads_impl_2021051701.js Show response
securepubads.g.doubleclick.net/gpt/ 308 KB
109 KB 33ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 00:12:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H3-29 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 07:19:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 189689
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19684
x-xss-protection: 0
expires: Wed, 18 May 2022 07:19:25 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
306 B 138ms
137ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1621512054207153093776&uniqId=0da52&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&lu=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&pageView=1&pvid=17989a665c091e527e0&site=478022&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 65256842ddb6535d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f7dc60000535d2eae0000000001

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 15ms
13ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 2522
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 0a2b3f7dca0000535dd98f0000000001
cf-ray: 65256842dde3535d-FRA
expires: Fri, 21 May 2021 12:00:54 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
810 B 17ms
16ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 2522
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 0a2b3f7dcd0000535dc8384000000001
cf-ray: 65256842dde7535d-FRA
expires: Fri, 21 May 2021 12:00:54 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b7f36827268465082b3762b6dd9da6f6256dd3be1cf8ce64720559f6d8f06b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 58F0 198 B
405 B 16ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gloss.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=gloss.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2837155008cb38a38129ece18fe862656a43cbce76cafc24b8ca37513e9db978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 58F0 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gloss.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 58F0 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8C8 61 KB
22 KB 443ms
442ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

465e00c73f0567c59dff497d72ce8013692c8b59995f0a018966e0fbed402e56

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3E_Y-b2PACFT5jFQgdW14M4w&gqi=dk-mYOD0E8zTtgfc3YGoBg&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlDn9ZFw3ptroMpSsdYhlpyYrJVJ8lk1YjFPIM0Gdc21NEQxs8rwSY369rXcHk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3E_Y-b2PACFT5jFQgdW14M4w&gqi=dk-mYOD0E8zTtgfc3YGoBg&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 20 May 2021 12:00:54 GMT
server: cafe
content-length: 22144
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 58F0 10 KB
8 KB 26ms
25ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a225039cf67cc0ff2944ff4ab559b967a136ff476b30a1df28a887d6d066f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7711
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58F0 73 KB
27 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H2 200 1 Show response
servicer.mgid.com/720031/ 20 KB
6 KB 74ms
72ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720031/1?pv=5&cbuster=1621512054318397802837&uniqId=0da52&niet=4g&nisd=false&w=670&h=315&cols=2&ref=&cxurl=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&lu=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&pageView=1&pvid=17989a665c091e527e0&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b8e3890eb687ba94c79bd5d2c83c2070f3c6360894b10c289c8413ad2c96e5

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 65256843880d535d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f7e310000535dbd97e000000001

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 62ms
62ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A96D 198 B
212 B 28ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gloss.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8849094231493f70be8a0d4be15ba88fbca8dc0799f80912f4be9d35acf1c399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A96D 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gloss.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A96D 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A24 79 KB
27 KB 280ms
279ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=3279755405&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054103&bpp=1&bdt=238&idt=228&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=2036352084&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15&biw=1600&bih=1200&isw=728&ish=90&ifk=495514336&scr_x=0&scr_y=0&oid=3&pvsid=1667487972369955&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17nqjfkdxqx4&fsb=1&dtd=236

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d8a3627b3aa4d838323359656abbf6048bea270bb0240e188ff4a83cd59f2b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=3279755405&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054103&bpp=1&bdt=238&idt=228&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=2036352084&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15&biw=1600&bih=1200&isw=728&ish=90&ifk=495514336&scr_x=0&scr_y=0&oid=3&pvsid=1667487972369955&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17nqjfkdxqx4&fsb=1&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlDn9ZFw3ptroMpSsdYhlpyYrJVJ8lk1YjFPIM0Gdc21NEQxs8rwSY369rXcHk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 20 May 2021 12:00:54 GMT
server: cafe
content-length: 27189
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A96D 10 KB
7 KB 20ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d3a8bad0504fe37914f90985bde4ab2c551a7473f1eee73757bd7c6118f74c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A96D 73 KB
27 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gloss.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 B
251 B 59ms
58ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2466747806628128&correlator=3452385918354350&output=ldjh&impl=fifs&eid=31060783%2C31061042%2C31061220%2C44743689&vrg=2021051701&ptt=17&sc=1&sfv=1-0-38&ecs=20210520&iu_parts=21830442390%2Cgloss.ua%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1621512019&dt=1621512054384&dlt=1621512052246&idt=2102&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1200&adks=1847620969&ucis=1&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=1777598898&ga_fc=false&fws=516&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f012d9dd622664df18b0d2f901265cfb1e03278f6a846eaae5d86942f885661d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gloss.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
656122af7ddd3087d54786e8c57dd02a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 63ms
14ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://656122af7ddd3087d54786e8c57dd02a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 332ms
331ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2466747806628128&correlator=3452385918354350&output=ldjh&impl=fifs&eid=31060783%2C31061042%2C31061220%2C44743689&vrg=2021051701&ptt=17&sc=1&sfv=1-0-38&ecs=20210520&iu_parts=52555387%2Cgloss.ua_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm140%26yb_tt%3Dtt8%26yb_ff%3D0%26yb_th%3D4%26yb_tm%3D0%26yb_wd%3D4&cookie_enabled=1&bc=31&abxe=1&lmt=1621512019&dt=1621512054391&dlt=1621512052246&idt=2102&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=1200&adks=3148175092&ucis=2&ifi=2&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=1777598898&ga_fc=false&fws=516&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

850df99f7b3040ac647fe5eca8864805218bdbff5235da46ca6b0e9f326fee2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gloss.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 58F0 17 KB
6 KB 25ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A96D 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ Frame 33C2 22 KB
3 KB 30ms
6ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 12:46:16 GMT
server: nginx
etag: "5842-5ac0ca416b9a5-gzip"
vary: Accept-Encoding
x-cached-since: 2021-05-11T20:09:08+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 3244
expires: Wed, 11 May 2022 20:09:08 GMT

GET
H2 200 mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 22 KB
3 KB 30ms
7ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 12:46:16 GMT
server: nginx
etag: "5842-5ac0ca416b9a5-gzip"
vary: Accept-Encoding
x-cached-since: 2021-05-11T20:09:08+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 3244
expires: Wed, 11 May 2022 20:09:08 GMT

GET
H3-29 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 31ms
18ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 2522
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 0a2b3f7ed700009730973af000000001
cf-ray: 652568448f659730-FRA
expires: Fri, 21 May 2021 12:00:54 GMT

GET
H3-29 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 33ms
21ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 2522
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 0a2b3f7ed600009730af844000000001
cf-ray: 652568448f649730-FRA
expires: Fri, 21 May 2021 12:00:54 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
876 B 62ms
52ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1621512054481109685115
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59d61948f5b76096b5047ada80d295a7c561b6dc893e43fadd0e3ab2255f62e

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 51c93059-e6ea-46da-9a30-19ed3a1fd75e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 652568448afe535d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f7eda0000535dcb2fc000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 96DB 19 B
201 B 65ms
60ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1621512054485708033165
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: f76ad2e2-92d9-4307-b27e-020ef25bd5f8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 652568449b03535d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f7eda0000535de789c000000001
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 31ms
11ms Script
application/javascript 143.204.202.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:36:47 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 2mBT2Wet24RiZdnd6eyLdRJoi2qcIZCS5_PIpRY4dGcfRFt0J9LkUA==

GET
H2 200 aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.jpg
s-img.mgid.com/l/-/680x385/-/ 62 KB
62 KB 21ms
17ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/l/-/680x385/-/aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.jpg?v=1621512054-msucilkmuZDaP3VGA0PUCsdeSYIzJG8iceY7pa0kqDQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7946467fd9e9987b964e57648bf2c2b1bca88623f5f0fd7a1ed3aeb9ff684701

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: HIT
x-mg-request-uuid: 92a5e5ff-de08-4e97-b4ec-ef02bf95f4a1
age: 465994
cf-polished: qual=85, origFmt=jpeg, origSize=73400
content-disposition: inline; filename="aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63538
cf-request-id: 0a2b3f7edd0000535deb0ab000000001
last-modified: Wed, 12 May 2021 05:07:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 652568449b07535d-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/680x385/-/ 29 KB
30 KB 35ms
33ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1621512054-ofXAzWIUvRNAfxCWKP1sQXCr4_wBmdnK2bCR6cdGZkw
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8dc402493d4a935ea4159ad8e2c9deb7172cba884c17dd8a6ead89b02c9559d

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2d4a0f67-9381-43df-85cc-e5450f19ab6d
age: 2414369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29850
cf-request-id: 0a2b3f7ef200009730b5824000000001
last-modified: Thu, 22 Apr 2021 13:21:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 65256844bf7d9730-FRA

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp
s-img.mgid.com/g/8164838/680x385/0x0x2049x1366/ 18 KB
19 KB 42ms
40ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164838/680x385/0x0x2049x1366/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp?v=1621512054-9SYEcJ25Yn7x_DS_PZ8PkkrAi3eNpifPHfjDZ6mxcXo
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c41e23a493b4c8324c1a117e733df7f82447ca535f4d3cb22ec376f547b9a3

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: HIT
x-mg-request-uuid: 69c3987f-42b4-4296-8bd9-ec75cfe57ce9
age: 2433498
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18860
cf-request-id: 0a2b3f7ef300009730b937e000000001
last-modified: Thu, 22 Apr 2021 08:02:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 65256844bf7f9730-FRA

GET
H3-29 200 aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.jpg
s-img.mgid.com/l/-/680x385/-/ Frame 33C2 62 KB
63 KB 19ms
18ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/l/-/680x385/-/aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.jpg?v=1621512054-msucilkmuZDaP3VGA0PUCsdeSYIzJG8iceY7pa0kqDQ
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7946467fd9e9987b964e57648bf2c2b1bca88623f5f0fd7a1ed3aeb9ff684701

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: HIT
x-mg-request-uuid: 92a5e5ff-de08-4e97-b4ec-ef02bf95f4a1
age: 465994
cf-polished: qual=85, origFmt=jpeg, origSize=73400
content-disposition: inline; filename="aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63538
cf-request-id: 0a2b3f7ef000009730da2a8000000001
last-modified: Wed, 12 May 2021 05:07:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 65256844bf7c9730-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.mgid.com/g/8164852/680x385/-/ Frame 33C2 29 KB
30 KB 40ms
39ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1621512054-ofXAzWIUvRNAfxCWKP1sQXCr4_wBmdnK2bCR6cdGZkw
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8dc402493d4a935ea4159ad8e2c9deb7172cba884c17dd8a6ead89b02c9559d

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2d4a0f67-9381-43df-85cc-e5450f19ab6d
age: 2414369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29850
cf-request-id: 0a2b3f7ef200009730a7b90000000001
last-modified: Thu, 22 Apr 2021 13:21:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 65256844bf7e9730-FRA

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp
s-img.mgid.com/g/8164838/680x385/0x0x2049x1366/ Frame 33C2 18 KB
19 KB 43ms
41ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164838/680x385/0x0x2049x1366/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2QwZGE1NGNmMmY1ZTg3YmY5NGE3YTZhOGFhZjJiZWMyLmpwZWc.webp?v=1621512054-9SYEcJ25Yn7x_DS_PZ8PkkrAi3eNpifPHfjDZ6mxcXo
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c41e23a493b4c8324c1a117e733df7f82447ca535f4d3cb22ec376f547b9a3

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: HIT
x-mg-request-uuid: 69c3987f-42b4-4296-8bd9-ec75cfe57ce9
age: 2433498
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18860
cf-request-id: 0a2b3f7ef3000097309e1f8000000001
last-modified: Thu, 22 Apr 2021 08:02:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 65256844bf809730-FRA

GET get_cookie
pa.tns-ua.com/bug/ 0
0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03abd39d3605f4d09f9c4e3234b39b7a6c4eae8636c7e54a8a591c7fdf1a1bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7672
x-xss-protection: 0

GET
H2 200 adSrcNoUi.js Show response
video-native.mgid.com/scripts/ Frame 33C2 1 KB
623 B 6ms
6ms Script
application/x-javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Mon, 28 Sep 2020 12:35:01 GMT
server: nginx
etag: "56d-5b05ee52e311c-gzip"
vary: Accept-Encoding
x-cached-since: 2021-05-08T20:00:48+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 481
expires: Sun, 08 May 2022 20:00:48 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ Frame 33C2 25 KB
9 KB 35ms
8ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d087f1c0514937d5ba9d37abe3746f15822f15cedffd28fc446b440e9ddef5ec

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UxM5l5wxXCJ0jmiRWEyQ1ifIsFIDt1VumeziifF_uOvujdfXBCg1burNv2VWfLNmf2EySdAeuHUAarHqtI8OpKX1_JX8A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9068
last-modified: Wed, 19 May 2021 09:15:58 GMT
server: UploadServer
etag: "55ee5b192fadba2e8fc25be6ee6368db"
vary: Accept-Encoding
x-goog-hash: crc32c=OzgLtA==, md5=Ve5bGS+tui6Pwlvm7mNo2w==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1621415757932774
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9068
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 20 May 2021 12:05:54 GMT

GET
H2 200 native.css
video-native.mgid.com/mgPlayer/css/1.11/ Frame 33C2 48 KB
8 KB 7ms
5ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/native.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ad90f960243beeea5c703298139b6a6efe60425bcbd045a71c69049322d2bc19

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 08:57:59 GMT
server: nginx
etag: "bf39-5b1757ec97a78-gzip"
vary: Accept-Encoding
x-cached-since: 2021-05-05T13:05:11+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 8125
expires: Thu, 05 May 2022 13:05:11 GMT

GET
H2 200 native.css
video-native.mgid.com/mgPlayer/css/1.11/ 48 KB
8 KB 8ms
6ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/native.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ad90f960243beeea5c703298139b6a6efe60425bcbd045a71c69049322d2bc19

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 08:57:59 GMT
server: nginx
etag: "bf39-5b1757ec97a78-gzip"
vary: Accept-Encoding
x-cached-since: 2021-05-05T13:05:11+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 8125
expires: Thu, 05 May 2022 13:05:11 GMT

GET
H2 200 track
track1.aniview.com/ Frame 33C2 0
71 B 324ms
102ms Image
text/plain 35.168.104.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=5d82336828a061127b65a697&e=playerLoaded&cb=1621512054566
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4BB4 12 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 11:58:38 GMT
expires: Fri, 20 May 2022 11:58:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 136
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DCBB 12 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 11:58:38 GMT
expires: Fri, 20 May 2022 11:58:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 136
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 006C 783 B
781 B 22ms
17ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb16a3569e4c0b93672c18e5e724a0dc962f1be053ce90484a83c70707b6c7c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zQXDS65g1X6ungashS7JPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

expires: Thu, 20 May 2021 12:00:54 GMT
date: Thu, 20 May 2021 12:00:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zQXDS65g1X6ungashS7JPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 1298 190 KB
55 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 111227
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 19 May 2021 05:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:07:07 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1298 12 KB
5 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 111228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Wed, 19 May 2021 05:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:07:06 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1298 87 KB
27 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 111228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Wed, 19 May 2021 05:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:07:06 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1298 27 KB
9 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 111228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Wed, 19 May 2021 05:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:07:06 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 1298 40 KB
13 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 111228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Wed, 19 May 2021 05:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 05:07:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1298 4 KB
713 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:14:36 GMT
server: ESF
date: Thu, 20 May 2021 12:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1298 4 KB
690 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:18:11 GMT
server: ESF
date: Thu, 20 May 2021 12:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 12:00:54 GMT

GET
DATA 200
OK truncated
/ Frame 1298 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e42dec297797a1746fc148d7b1d1bbd39573d7123a0a8552e7cf35ff1bd74421

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11959827422705233990/ Frame 1298 12 KB
12 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11959827422705233990/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qk3pT-4haqfxRnd69dB4iYGuJD6pA

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76c38c297b9cc411b77a193041ced2749f15502176a52d15556cbd16b97ba2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 14:00:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 10:20:32 GMT
server: sffe
age: 424849
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12595
x-xss-protection: 0
expires: Sun, 15 May 2022 14:00:05 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1380436365541526711/ Frame 1298 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1380436365541526711/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4ql653_Qhc2b3w10HXHq-bNcWWUzTw

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7960bddefd3e3485ffdf8715f306349057f4e5f3c06ec9efff5f70a94a2a2a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 06:19:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 15:21:06 GMT
server: sffe
age: 20514
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7829
x-xss-protection: 0
expires: Fri, 20 May 2022 06:19:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1298 0
0 18ms
17ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTQhidk-mYPnhGtOSrATT_qXgDMfE_a9i59vStOsNloLNhYgWEAEgm9yJImCVAqAB1dX1wwPIAQapAjmvuxWkeLQ-4AIAqAMByAMKqgSjAk_QsG4ZvlsrdI9rM2ELlKSZg_UL7w_IH4pV3vXN-jmitxWSIRqc8crGj6KS-dd2Q5_nxdrlGrRfgCPZ6cKZqIEQC5FIoA4Kpsljw5b4N1Jev5cYkOS2blkNqYn13thl1j6vhpEowdYgYZG9nfiTDIRGKIBl-lRPmKT1CRkYJ3au6lmjYTy2wHvQCbP29B7ccvpnQSiDiQ3d_NUY4ETfLkOpCFbuzGL3t5XcREIBxdiJhyWTFuPN-KG6RyaJNgpZlTGgQ-auC__yhMBgY3Z8t-fxvf3WdhS1jhucRFyWrovECFHc43YvxwhMnNDqljDNG3fZq1JNiAjPY0oZD2PI3OFubli733cfPsDduxoIT8coOiQ2Acq55cyeoaVDglpbRIUzIsAEyMH-p8UD4AQBkgUECAQYAZIFBAgFGASgBjeAB5OqijyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQgr4H0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MzU0MzE3NDEwODMyODI2gAoDyAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTgyNDEwNDk0OTc2MDg5OTc&sigh=8BSpM5jY3V4&template_id=492
Requested by: Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1298 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 16:25:26 GMT
x-content-type-options: nosniff
server: cafe
age: 70528
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 20 May 2021 16:25:26 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1298 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 54037
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 20 May 2021 21:00:17 GMT

GET
H2 200 tracking
ad.mox.tv/delivery/ 50 B
50 B 29ms
24ms Image
text/html 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=Y3dzUy9DMExjUDVMenJ3djNuOE9KbmNUSGZoWlArN3JNRzNWTzhIYXNVUGxCQTZvcFhJYmhJaU02cVpBdW9xM2VtSEJYU2lod3Z1TUlHR2h1Zkg3YTQ2WjNyUVYrWEhpTzhaNjE5UXRieVVTdC9RVHdLa2pBalBOTGlTVUpEL1dieVJ5RmpmMFZUUTc3OUlKcGk1MUVwYVFUVGdJUm83VDNSRktjcWJVTm9zcFVvR2prcmRVSTcrdEJLZFZvZ1Q0cDFqR2VycEY2QzdBYm9raFpFZENSeDBvS3JiZEI1elZhdVRPVjZYbHM4ND0%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1621512054852&ns_c=UTF-8&cv=3.5&c8=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%87...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1621512054852&ns_c=UTF-8&cv=3.5&c8=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%8...

64 B
330 B

11ms
11ms

Image
image/gif

143.204.202.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1621512054852&ns_c=UTF-8&cv=3.5&c8=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%87%D1%87%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%B4%D0%B0%D1%80%D1%83%D1%94%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D1%96%D0%BB%D1%96&c7=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-85.fra53.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 3ZBkLoGJukEYuY9LAjJOHbcobTiQakexbt_NPc4GpCYGllxyedAvmQ==

Redirect headers

date: Thu, 20 May 2021 12:00:54 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1621512054852&ns_c=UTF-8&cv=3.5&c8=%D0%A2%D0%9C%20%22Rollton%22%20%D1%81%D0%B2%D1%8F%D1%82%D0%BA%D1%83%D1%94%2010-%D1%80%D1%96%D1%87%D1%87%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%B4%D0%B0%D1%80%D1%83%D1%94%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D1%96%D0%BB%D1%96&c7=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&c9=
content-length: 517
x-amz-cf-id: 9nzS0A9Rg-oCC4v7sVeI_wvicHNTBiS9VjQFitqPzqaG6uTWSjAmpQ==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A023
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

30ms
11ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1621512054481109685115
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gloss.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 May 2021 12:00:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Thu, 20 May 2021 12:00:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=gZQYdoPCTnaakExxgpVUeNPGGnWalEoig5Y5iSfD

43 B
145 B

9ms
7ms

Image
image/gif

52.58.45.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=gZQYdoPCTnaakExxgpVUeNPGGnWalEoig5Y5iSfD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.45.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=1&user_id=gZQYdoPCTnaakExxgpVUeNPGGnWalEoig5Y5iSfD
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l4kSDEu0_b05
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=67efa17d-486d-4e37-b217-58b4f8e223fd
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=67efa17d-486d-4e37-b217-58b4f8e223fd

43 B
445 B

13ms
13ms

Image
image/gif

3.124.27.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=67efa17d-486d-4e37-b217-58b4f8e223fd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.27.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 May 2021 12:00:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=67efa17d-486d-4e37-b217-58b4f8e223fd
date: Thu, 20 May 2021 12:00:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
514 B 89ms
59ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l4kSDEu0_b05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 652568470a544e3d-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f806c00004e3d55891000000001

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
448 B 100ms
76ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l4kSDEu0_b05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 652568470f694ebc-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0a2b3f806200004ebc80257000000001

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=75a61982-8730-4f9d-8d82-57cef1500d0f

43 B
555 B

64ms
64ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=75a61982-8730-4f9d-8d82-57cef1500d0f
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4d90b704-e75f-45c3-a749-f4f56a15dfc7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6525684c2b8b9730-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f8398000097309aad2000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=75a61982-8730-4f9d-8d82-57cef1500d0f
date: Thu, 20 May 2021 12:00:55 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=3065fb0d-a4cf-4e41-a16a-2555d36a1b40&ttl=1624104055

43 B
539 B

69ms
66ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=3065fb0d-a4cf-4e41-a16a-2555d36a1b40&ttl=1624104055
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e2a3dd69-b013-4618-9d7f-67e3d47a5e3c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6525684a4aaa9730-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f826f00009730bd242000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=3065fb0d-a4cf-4e41-a16a-2555d36a1b40&ttl=1624104055
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://cm.mgid.com/m?cdsp=501037&c=oYeiAk58fVqnWx7RvB07&pi=mgid

43 B
524 B

58ms
56ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=oYeiAk58fVqnWx7RvB07&pi=mgid
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b2e3b013-ff81-42a3-935d-cdf6ec47012d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6525684768dc9730-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f80a400009730c8ac0000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=oYeiAk58fVqnWx7RvB07&pi=mgid
pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT, Thu, 20 May 2021 12:00:54 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDRrU0RFdTBfYjA1&muidn=l4kSDEu0_b05
https://cm.mgid.com/google?muidn=l4kSDEu0_b05&google_ula={guid},5&google_gid=CAESEGvJDO41pNQOh-kDmP5YlEQ&google_cver=1

0
387 B

64ms
62ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l4kSDEu0_b05&google_ula={guid},5&google_gid=CAESEGvJDO41pNQOh-kDmP5YlEQ&google_cver=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6525684768dd9730-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f80a400009730a40c5000000001

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l4kSDEu0_b05&google_ula={guid},5&google_gid=CAESEGvJDO41pNQOh-kDmP5YlEQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 79D7 335 KB
96 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1f7f6b5d4c2aa3e8f3a326ba7383d14991eeee28e82ad79ec9d845a8cfad90bd

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UxWQQgwyMneuDzI12tmeM46mvZ0bbs1RgMzfHsO0FqbjIfSIC-s2VS5m5Kf1gaGxzIts5GEvoBGHAVlxbZYSHE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 97051
last-modified: Wed, 19 May 2021 12:48:51 GMT
server: UploadServer
etag: "f1aea8dd6a23edb41adfd8ff283ad96d"
vary: Accept-Encoding
x-goog-hash: crc32c=gm3KWA==, md5=8a6o3Woj7bQa39j/KDrZbQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1621428531341044
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 97051
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 20 May 2021 12:05:54 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 9ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:54 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 8ms
7ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:54 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1298 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 225934
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 17 May 2022 21:15:20 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1298 16 KB
16 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 146729
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 18 May 2022 19:15:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1298 9 KB
9 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:43 GMT
server: sffe
age: 225934
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
expires: Tue, 17 May 2022 21:15:20 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 8ms
7ms Image
text/plain 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=6e34ac41-f6e8-42d8-8020-0a281cf4438c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame 4A24 3 KB
578 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=3279755405&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054103&bpp=1&bdt=238&idt=228&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=2036352084&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15&biw=1600&bih=1200&isw=728&ish=90&ifk=495514336&scr_x=0&scr_y=0&oid=3&pvsid=1667487972369955&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17nqjfkdxqx4&fsb=1&dtd=236

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:15:31 GMT
server: ESF
date: Thu, 20 May 2021 12:00:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 9ms
7ms Image
text/plain 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=fbc9c5f6-46be-4905-a275-6cce8bccc85a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 May 2021 12:00:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 22 KB
3 KB 6ms
5ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 12:46:16 GMT
server: nginx
etag: "5842-5ac0ca416b9a5-gzip"
vary: Accept-Encoding
x-cached-since: 2021-05-11T20:09:08+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 3244
expires: Wed, 11 May 2022 20:09:08 GMT

GET
H2 200 XHcEUCFl-720.jpg
video-native.mgid.com/ 8 KB
8 KB 6ms
6ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video-native.mgid.com/XHcEUCFl-720.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:54 GMT
last-modified: Tue, 02 Apr 2019 14:58:39 GMT
server: nginx
etag: "202c-5858d5f4d012f"
x-cached-since: 2021-05-07T20:53:40+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 8236
expires: Sat, 07 May 2022 20:53:40 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B737 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 11:58:38 GMT
expires: Fri, 20 May 2022 11:58:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 136
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4A24 1 KB
909 B 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 11:56:23 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 4A24 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 11:57:50 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4A24 2 KB
1 KB 24ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 11:58:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A24 118 KB
36 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4A24 13 KB
6 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 11:59:48 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4A24 0
0 27ms
16ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrtF5ug4CA7bH_ipf6_4AA5vyk-7Luq4-csy6Axvz8OvDbWctJ0Jzkm6nj4lBlbalra0yK9GQXrvUEhqb4zOOmObnwwg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=3279755405&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054103&bpp=1&bdt=238&idt=228&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=2036352084&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15&biw=1600&bih=1200&isw=728&ish=90&ifk=495514336&scr_x=0&scr_y=0&oid=3&pvsid=1667487972369955&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17nqjfkdxqx4&fsb=1&dtd=236
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 7d9aee27bee51cf015d1b4a8dc2025e1.js Show response
www.gstatic.com/mysidia/ Frame 4A24 25 KB
10 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 22:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 22:15:01 GMT
server: sffe
age: 48558
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Tue, 17 Aug 2021 22:31:36 GMT

GET
H2 200 material.ttf
video-native.mgid.com/mgPlayer/fonts/ 5 KB
5 KB 27ms
5ms Font
application/x-font-ttf 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/fonts/material.ttf?bpbxtp
Requested by: Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/1.11/native.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599

Request headers

Origin: https://gloss.ua
Referer: https://video-native.mgid.com/mgPlayer/css/1.11/native.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 20 May 2021 12:00:55 GMT
last-modified: Thu, 12 Sep 2019 12:54:14 GMT
server: nginx
etag: "1248-5925aa28273f8"
x-cached-since: 2020-11-05T13:24:39+00:00
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 4680
expires: Fri, 05 Nov 2021 13:24:39 GMT

GET
H2 404 OpenSans-Regular.ttf
gloss.ua/user/fonts/ 0
0 46ms
45ms Font
text/html 13.32.25.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gloss.ua/user/fonts/OpenSans-Regular.ttf
Requested by: Host: gloss.ua
URL: https://gloss.ua/user/css/styles_news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-85.fra56.r.cloudfront.net
Software: nginx/1.15.9 /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://gloss.ua
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1278708326.1621512052; _gid=GA1.2.2091690816.1621512052; _gat_gtag_UA_8513368_1=1; store.test=; vs=f11e82f124cfe55f46d3c40d13e0aaa5; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C720031%22%3A%7B%22page%22%3A1%2C%22time%22%3A1621512054475%7D%7D; __gads=ID=8dbf764d3b75b64c:T=1621512054:S=ALNI_MarnaFeXDgRBEvXp_EnMdjPWD0xnA
:path: /user/fonts/OpenSans-Regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: gloss.ua
referer: https://gloss.ua/user/css/styles_news.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://gloss.ua
Referer: https://gloss.ua/user/css/styles_news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
server: nginx/1.15.9
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: 5CDb-N9mKYbqIfPRSEvgBF2a5C90wXTI0dhU9UXcFsYELQRRCblzxQ==

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16173390721409078692/ Frame 4A24 6 KB
6 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16173390721409078692/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf56b08a5cec9c1c72c7b1efb585d77a35bdb325c6fe49609664f8dcd37c869b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:32:53 GMT
x-content-type-options: nosniff
age: 275282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5957
x-xss-protection: 0
last-modified: Wed, 12 May 2021 07:13:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 07:32:53 GMT

GET
DATA 200
OK truncated
/ Frame 4A24 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 XHcEUCFl-26327326.mp4
video-native.mgid.com/ 18 KB
19 KB 6ms
6ms Media
video/mp4 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/XHcEUCFl-26327326.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 761b309e550425464d627968eee8c2fc2e1b2268a7729ce004f75b75e196ad06

Request headers

Referer: https://gloss.ua/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:55 GMT
last-modified: Tue, 02 Apr 2019 14:58:45 GMT
server: nginx
access-control-allow-origin: *
etag: "4959-5858d5fa3b555"
x-cached-since: 2021-05-13T13:54:25+00:00
content-type: video/mp4
Content-Range: bytes 0-18776/18777
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 18777
expires: Fri, 13 May 2022 13:54:25 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame C8C8 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 11:58:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8C8 118 KB
36 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:55 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame C8C8 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 11:59:48 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C8C8 0
0 18ms
17ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6mcc9iXkl8oo671hQVMHB6XcGFDLgWnO2o0c3KmXxC7Un_LMFVq7Rth_KyaQubWZcToUgX4YZ0h-T_c0OHuum4mBo2g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0F58 223 KB
37 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 15 May 2021 23:35:56 GMT
expires: Sun, 15 May 2022 23:35:56 GMT
last-modified: Mon, 03 May 2021 14:21:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 38330
age: 390299
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8C8 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctdkadk-mYL2xFL7G1fAP27yxmA7lto7OYv_K94H2Db_hHhABIMbgi3lglQKgAZXP6PEDyAEJqQI5r7sVpHi0PqgDAcgDAqoEgwJP0Ec7o6PJAJWjWWnmGSot2pMcPO3BocaXeMwxlkYA5wDLhESaf2cqV8MQDTyuqoCfviZPCLGP0eUkVnmpOgAxjOIYzSMeo5m8Asdf9krWnL548YJ_CxVPGK9ka6jonkWpzqnio91Vas1QZ86dWdxLGVJ1BufJET7PPQrXV1ArwlW7IQBBVBYMh5l5P0vwmsxzyccFk_TGIYFHmTDTkSK3DhvWVC_Sy4CydmBlOJENhyegzVDyKdLNbG_br_ujXB561STr5hBHKIPT1EjzdrpYj7wIbLagUCkMKh6R1iLCpUZvsu44_odMoHyGX-juzcpflzp5xmG-S64ypqvYB50oms9AwATarIXYywOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH07CXDqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDjhAHSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItMzc1NTY2MjE5NzM4NjI2OQ&sigh=LIGJvyOnW6Y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 20 May 2021 12:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E3A 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlDn9ZFw3ptroMpSsdYhlpyYrJVJ8lk1YjFPIM0Gdc21NEQxs8rwSY369rXcHk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7530558048&adk=450320534&adf=3279755404&pi=t.ma~as.7530558048&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054064&bpp=4&bdt=189&idt=222&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=2&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=601429039&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1000&ady=236&biw=1600&bih=1200&isw=300&ish=600&ifk=1280463597&scr_x=0&scr_y=0&eid=21066428%2C31060711&oid=3&pvsid=2681700935316376&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r5l0v96y1lvo&fsb=1&dtd=239

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 20 May 2021 11:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 225
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4A24 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ceekhdk-mYMP8FcLH1fAPzsK7kAf5sfLdYueyhqnmDYKd3KDUARABIMbgi3lglQKgAdbn8qMCyAEJqQI5r7sVpHi0PqgDAcgDywSqBIYCT9CzEYttyCu-FpDbTroL-zOT2uxG2hasRMckBYkNlgRkuu0v3ys3N8Xf32U-cvqAMCyeqt5zSyViWn8Tpm7KBRUtmboHZQaz8av8AF90IX0Ln_2JHWUzP8wL2B0DLeXtgKXi0jBBy8QDS7uUel5z-jScXR0YziGDT4q6NZhscOe6ZaDKaEeFQzfscWOkRc30sri57enI-3LNidNxUSah2s2Ym_W12-kReOMdgnv6Zl9MQXHJOzt0hdxln1oaQBfs1nZyxHrEF04x9CKec8WZ29Dpzq5krKG7H9UGoJxoFtNYvJL8g-eAU83GUTTAICckAioPJuGHrDFUFBAMTH5AhOXUKr3fX8AEtpmtvMIDkgUECAQYAZIFBAgFGASgBi6AB5KYjdwBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJOiCdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGAFwGyFxoKGAgAEhRwdWItMzc1NTY2MjE5NzM4NjI2OQ&sigh=PRoLV5KXYDE&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=3279755405&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512054103&bpp=1&bdt=238&idt=228&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=6907569516113&frm=23&ife=5&pv=1&ga_vid=1278708326.1621512052&ga_sid=1621512054&ga_hid=2036352084&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=15&biw=1600&bih=1200&isw=728&ish=90&ifk=495514336&scr_x=0&scr_y=0&oid=3&pvsid=1667487972369955&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17nqjfkdxqx4&fsb=1&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 20 May 2021 12:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 material.ttf
video-native.mgid.com/mgPlayer/fonts/ 5 KB
5 KB 7ms
6ms Font
application/x-font-ttf 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/fonts/material.ttf
Requested by: Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599

Request headers

Origin: https://gloss.ua
Referer: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 20 May 2021 12:00:55 GMT
last-modified: Thu, 12 Sep 2019 12:54:14 GMT
server: nginx
etag: "1248-5925aa28273f8"
x-cached-since: 2021-05-13T20:54:59+00:00
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 4680
expires: Fri, 13 May 2022 20:54:59 GMT

GET
H3-29 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: gloss.ua
URL: https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gloss.ua
Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 352637
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15556
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1298
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
15ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 20 May 2021 12:00:55 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C8C8 0
20 B 14ms
14ms Other
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3E_Y-b2PACFT5jFQgdW14M4w&gqi=dk-mYOD0E8zTtgfc3YGoBg&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
104ms Image
text/plain 35.168.104.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=gloss.ua&sn=&cd1=desktop&cd2=0&cd3=native&cd4=720031&cd5=077d7501-b963-11eb-bfa5-d094662c24f7&cd6=10&ic=0&tgt=0&app=&wi=480&he=270&test=&apppkg=&fv=1&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=5d82336828a061127b65a697&e=inventory&vi=0&cb=1621512055307
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11959827422705233990/ Frame 1298 12 KB
12 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76c38c297b9cc411b77a193041ced2749f15502176a52d15556cbd16b97ba2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 14:00:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 10:20:32 GMT
server: sffe
age: 424850
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12595
x-xss-protection: 0
expires: Sun, 15 May 2022 14:00:05 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1380436365541526711/ Frame 1298 8 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7960bddefd3e3485ffdf8715f306349057f4e5f3c06ec9efff5f70a94a2a2a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 06:19:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 15:21:06 GMT
server: sffe
age: 20515
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7829
x-xss-protection: 0
expires: Fri, 20 May 2022 06:19:00 GMT

GET
H3-29 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1298 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 16:25:26 GMT
x-content-type-options: nosniff
server: cafe
age: 70529
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 20 May 2021 16:25:26 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1298 344 B
372 B 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 54038
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 20 May 2021 21:00:17 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DB4D 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 May 2021 06:38:34 GMT
expires: Fri, 21 May 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 19341
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4A24 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14c3e312e5a0fb47b0671498dedde7f3914ba376556b55404292aeea9c86ceb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A023 31 KB
9 KB 7ms
6ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3d83af555220c88b18850ee3fbf69a98d6075c6222996861065acc2d619c492d

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 12:00:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 17:03:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25628
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9264
Expires: Thu, 20 May 2021 19:08:03 GMT

GET
DATA 200
OK truncated
/ Frame C8C8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c80b136b6a3d9dfa4b9358ea98356cb1318d4b79b8122e48070b709482e0ead

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 7 KB
2 KB 495ms
282ms XHR
application/json 52.206.107.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CDIM2=0&AV_CDIM3=native&AV_CDIM4=720031&AV_CDIM5=077d7501-b963-11eb-bfa5-d094662c24f7&AV_CDIM6=10&AV_CUSTOM2=0&AV_CUSTOM3=5%20%D0%BD%D0%B5%D0%B2%D0%B5%D1%80%D0%BE%D1%8F%D1%82%D0%BD%D1%8B%D1%85%20%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%20%D0%BE%D0%B1%20%D0%B0%D0%B2%D0%BE%D0%BA%D0%B0%D0%B4%D0%BE&AV_CUSTOM4=0&AV_CUSTOM5=7&AV_CUSTOM6=3&AV_CUSTOM7=0&AV_CUSTOM8=0&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=5d82336828a061127b65a697&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=gloss.ua&AV_DADPOS=1&v=6.1.1.243&avtoken=55306&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1621512055479
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.107.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4abb2119946d2b0cb80cfba7f5e73a21d9714d5b405f6713c69a8de2c5591c52

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://gloss.ua
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 08 May 2021 22:14:15 GMT

GET
H3-29 200 /
c.mgid.com/vs/ Frame 33C2 43 B
410 B 58ms
57ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=151&iid=720031&e=adinventory&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22077d7501-b963-11eb-bfa5-d094662c24f7%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%7D&t=0&c=5489&h=9kPLsnc88c4y2zqP2hR8MBsGtbj_ayrHJ1o2QClSp80dsmsO4DMbzncQ84N1pZ2I
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6525684acaeb9730-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f82be00009730bd245000000001

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4A24 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 352637
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4A24 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 524848
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 14 May 2022 10:13:27 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A023 284 B
536 B 28ms
7ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0F58 2 KB
499 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 10:11:43 GMT
server: ESF
date: Thu, 20 May 2021 12:00:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 12:00:55 GMT

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BB4 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2189
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 11:24:26 GMT

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame DCBB 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2189
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 11:24:26 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0F58 16 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 20 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0F58 26 KB
10 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 20 May 2021 23:11:01 GMT

GET
H3-29 200 aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.jpg
s-img.mgid.com/l/-/680x385/-/ 62 KB
63 KB 16ms
15ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/l/-/680x385/-/aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.jpg?v=1621512054-msucilkmuZDaP3VGA0PUCsdeSYIzJG8iceY7pa0kqDQ
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7946467fd9e9987b964e57648bf2c2b1bca88623f5f0fd7a1ed3aeb9ff684701

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
cf-cache-status: HIT
x-mg-request-uuid: 92a5e5ff-de08-4e97-b4ec-ef02bf95f4a1
age: 465995
cf-polished: qual=85, origFmt=jpeg, origSize=73400
content-disposition: inline; filename="aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy9ydS8yMDE4LTEyLTE2L2YxMjliZDc5ZDBmYzMxNGE5OTQ1M2IxOTRmNTRiZTkwLmpwZw.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63538
cf-request-id: 0a2b3f837400009730973e5000000001
last-modified: Wed, 12 May 2021 05:07:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6525684beb679730-FRA
cf-bgj: imgq:85,h2pri

GET
H2 206 9fdc7a755fcade52a1d253e49e9ea063_360.mp4
video-native.mgid.com/provided_video/2018-12-16/ 64 KB
0 7ms
6ms Media
video/mp4 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/provided_video/2018-12-16/9fdc7a755fcade52a1d253e49e9ea063_360.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://gloss.ua/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc34
date: Thu, 20 May 2021 12:00:55 GMT
last-modified: Mon, 08 Apr 2019 10:17:36 GMT
server: nginx
access-control-allow-origin: *
etag: "66d5c6-58602253ed10e"
x-cached-since: 2021-05-11T20:11:01+00:00
content-type: video/mp4
Content-Range: bytes 0-6739397/6739398
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 6739398
expires: Wed, 11 May 2022 20:11:01 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E3A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlDn9ZFw3ptroMpSsdYhlpyYrJVJ8lk1YjFPIM0Gdc21NEQxs8rwSY369rXcHk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 20 May 2021 12:00:55 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 20-May-2021 13:00:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 May 2021 12:00:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 20 May 2021 12:00:55 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DB4D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEESh4ad2_rOHNGkBT5o8kGQ&google_cver=1&google_push=AQvitUJtBL5fbX73RLCV_QTES0VLbBEuET7b8_Gr5vY8sY13zGGcqLExdYS13Jw0akawSbKHXyLX0j6KWwb9obzVp4iYblgsK7-d
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJtBL5fbX73RLCV_QTES0VLbBEuET7b8_Gr5vY8sY13zGGcqLExdYS13Jw0akawSbKHXyLX0j6KWwb9obzVp4iYblgsK7-d&google_hm=Q0FFU0VFU2g0YWQyX3JPS...

170 B
188 B

15ms
15ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJtBL5fbX73RLCV_QTES0VLbBEuET7b8_Gr5vY8sY13zGGcqLExdYS13Jw0akawSbKHXyLX0j6KWwb9obzVp4iYblgsK7-d&google_hm=Q0FFU0VFU2g0YWQyX3JPSE5Ha0JUNW84a0dR

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 12:00:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJtBL5fbX73RLCV_QTES0VLbBEuET7b8_Gr5vY8sY13zGGcqLExdYS13Jw0akawSbKHXyLX0j6KWwb9obzVp4iYblgsK7-d&google_hm=Q0FFU0VFU2g0YWQyX3JPSE5Ha0JUNW84a0dR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DB4D
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIGY0TisFsC7ZeJc5InOyRZa6g-GgybVyeARmQ-jKMARBIWi5hWdpoyHqBNjYvr_TRJ53j5XiU5XtYW39IfwKvEwATEFxUr&google_gid=CAESECjKNCTw6qXif6Y5xjNpuX8&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPeemYUGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJR1kwVGlzRnNDN1plSmM1SW5PeVJaYTZnLUdneWJWeWVBUm1RLWpLTUFSQklXaTVoV2Rwb3lIcUJOall2cl9UUko1M2o1WGlVNVh0WVczOU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbHV0QmN4bFlTWmlEZWdmdGxFdlhrSkpWbTVEVkp6dmFBQkVCZ2JzRFpDWQ==&google_push

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbHV0QmN4bFlTWmlEZWdmdGxFdlhrSkpWbTVEVkp6dmFBQkVCZ2JzRFpDWQ==&google_push

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 12:00:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbHV0QmN4bFlTWmlEZWdmdGxFdlhrSkpWbTVEVkp6dmFBQkVCZ2JzRFpDWQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DB4D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJRAo1k...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJRAo1k...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MjAxMjAwNTYyNjQ4MjUxOTI5MzE5OA%3D%3D&google_push=AQvitUJRAo1kq4r7QAwJxufeL6Fp95jeUYSolfu8IVVYU0eHA-QM9g9L_FJhYN_mW16ECI...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MjAxMjAwNTYyNjQ4MjUxOTI5MzE5OA%3D%3D&google_push=AQvitUJRAo1kq4r7QAwJxufeL6Fp95jeUYSolfu8IVVYU0eHA-QM9g9L_FJhYN_mW16ECISalHSZdrOjDpPeOekadPcR7uS_5FU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MjAxMjAwNTYyNjQ4MjUxOTI5MzE5OA%3D%3D&google_push=AQvitUJRAo1kq4r7QAwJxufeL6Fp95jeUYSolfu8IVVYU0eHA-QM9g9L_FJhYN_mW16ECISalHSZdrOjDpPeOekadPcR7uS_5FU
Pragma: no-cache
Date: Thu, 20 May 2021 12:00:56 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DB4D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UoFkgbz9S1CpV1t7ELbiAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UoFkgbz9S1CpV1t7ELbiAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4tO-XOj0BBUPUwdFtZPkT6jtS4nPnzNGt3r1QLCbOrGv7p4hGhD7T5PkNNtnqTkmC784-6YDhUUpsXUbALfPC6qSxOvUI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UoFkgbz9S1CpV1t7ELbiAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4tO-XOj0BBUPUwdFtZPkT6jtS4nPnzNGt3r1QLCbOrGv7p4hGhD7T5PkNNtnqTkmC784-6YDhUUpsXUbALfPC6qSxOvUI
date: Thu, 20 May 2021 12:00:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame DB4D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBN...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DB4D
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGStQ40b0PZyomB21-UVlGM&google_cver=1&google_push=AQvitUI6R4dqYuU1MB9sqQgI...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUI6R4dqYuU1MB9sqQgIbR0_scqnTOHzWAe1hTMv77yLOuBI_hlaLqx3Gmn0-zCyQlP_HI24YzlFS18o3XWsChvaH-zl4lCAsQ&google_hm=

170 B
188 B

22ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUI6R4dqYuU1MB9sqQgIbR0_scqnTOHzWAe1hTMv77yLOuBI_hlaLqx3Gmn0-zCyQlP_HI24YzlFS18o3XWsChvaH-zl4lCAsQ&google_hm=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:55 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUI6R4dqYuU1MB9sqQgIbR0_scqnTOHzWAe1hTMv77yLOuBI_hlaLqx3Gmn0-zCyQlP_HI24YzlFS18o3XWsChvaH-zl4lCAsQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 19 May 2021 12:00:55 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame DB4D 0
12 B 20ms
13ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhfNAYcT_iMnI8CxprVHDGA4s6Jf9CdF-Q4Cm-s9KcXe27Ebpj0jPYtqfBXHre1vw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:55 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame B737 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2189
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 11:24:26 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 0F58 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 35873
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 20 May 2022 02:03:02 GMT

GET
H3-29 200 N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame 0F58 17 KB
17 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:04:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:47:49 GMT
server: sffe
age: 352604
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17268
x-xss-protection: 0
expires: Mon, 16 May 2022 10:04:11 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 0F58 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 00:07:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 42777
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Fri, 20 May 2022 00:07:58 GMT

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame 771D 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2189
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 11:24:26 GMT

GET
H3-29 200 /
c.mgid.com/vs/ Frame 33C2 43 B
410 B 56ms
56ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=151&iid=720031&e=vr_load&h=9kPLsnc88c4y2zqP2hR8MBsGtbj_ayrHJ1o2QClSp80dsmsO4DMbzncQ84N1pZ2I&o=%7B%22vrViewable%22%3A0%2C%22sticky%22%3A0%2C%22playlistSeq%22%3A0%2C%22uuid%22%3A%22077d7501-b963-11eb-bfa5-d094662c24f7%22%2C%22timeOffset%22%3A0%7D&t=0&c=21250
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6525684e2cae9730-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f84d900009730ae14a000000001

GET
H2 200 / Show response
servicer.lentainform.com/720031/ 65 B
267 B 65ms
56ms XHR
text/xml 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.lentainform.com/720031/?vast=1&w=480&h=270&pl=1&page=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&cbb=1512056039
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f84f100004e3db194a000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://gloss.ua
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6525684e4c234e3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
103ms Image
text/plain 35.168.104.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=gloss.ua&rs=gloss.ua&sid=53936&t=1621512055&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1621512055745-913238757412-007050-000-007100&cha=0.7&cb=31822460342&cd5=077d7501-b963-11eb-bfa5-d094662c24f7&cd6=10&cd1=desktop&cd2=0&cd3=native&cd4=720031&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5ac2203f073ef46a6856c7b0&ncid=5d82336828a061127b65a697&e=request&cb=1621512056042&asid=5e44275128a061175f2ea4f3%2C5d81eeea28a06169495d4548%2C5eea1ac8d54b6f4e4b19a7f6%2C60819ba6eb26763e9545c5ec%2C5ef3474f3a59df3b4675bb13%2C5ef37bfc5814b32b447312c8&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0F58 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 118426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 19 May 2021 03:07:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 03:07:10 GMT

GET
H3-29 200 autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0F58 6 KB
6 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 118426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5867
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 19 May 2021 03:07:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 03:07:10 GMT

GET
H3-29 200 autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0F58 48 KB
48 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 118426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49113
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 19 May 2021 03:07:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 03:07:10 GMT

GET
H3-29 200 hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 0F58 30 KB
30 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 118426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30604
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 19 May 2021 03:07:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 03:07:10 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
102ms Image
text/plain 35.168.104.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=gloss.ua&rs=gloss.ua&sid=53936&t=1621512055&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1621512055745-913238757412-007050-000-007100&cha=0.7&cb=31822460342&cd5=077d7501-b963-11eb-bfa5-d094662c24f7&cd6=10&cd1=desktop&cd2=0&cd3=native&cd4=720031&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5ac2203f073ef46a6856c7b0&ncid=5d82336828a061127b65a697&e=bid&cb=1621512056132&asid=5e44275128a061175f2ea4f3%2C5d81eeea28a06169495d4548%2C5eea1ac8d54b6f4e4b19a7f6%2C5ef3474f3a59df3b4675bb13%2C5ef37bfc5814b32b447312c8&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2DE9 334 KB
115 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FD39 334 KB
115 KB 52ms
24ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 42F1 334 KB
115 KB 61ms
34ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B2AA 334 KB
115 KB 58ms
32ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 96EF 334 KB
115 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H3-29 200 bridge3.460.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 91BF 573 KB
188 KB 20ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510ee302f234e20f415e817af134935a91c804d33d9b19a54063b65d1d299a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.460.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191957
date: Tue, 18 May 2021 14:19:50 GMT
expires: Wed, 18 May 2022 14:19:50 GMT
last-modified: Tue, 18 May 2021 14:14:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 164466
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 2DE9 44 KB
17 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2DE9 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.460.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 05B3 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510ee302f234e20f415e817af134935a91c804d33d9b19a54063b65d1d299a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.460.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191957
date: Tue, 18 May 2021 14:19:50 GMT
expires: Wed, 18 May 2022 14:19:50 GMT
last-modified: Tue, 18 May 2021 14:14:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 164466
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FD39 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FD39 107 B
122 B 37ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.460.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1018 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510ee302f234e20f415e817af134935a91c804d33d9b19a54063b65d1d299a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.460.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191957
date: Tue, 18 May 2021 14:19:50 GMT
expires: Wed, 18 May 2022 14:19:50 GMT
last-modified: Tue, 18 May 2021 14:14:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 164466
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B2AA 44 KB
16 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
DATA 200
OK truncated
/ Frame B2AA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B2AA 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.460.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F805 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510ee302f234e20f415e817af134935a91c804d33d9b19a54063b65d1d299a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.460.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191957
date: Tue, 18 May 2021 14:19:50 GMT
expires: Wed, 18 May 2022 14:19:50 GMT
last-modified: Tue, 18 May 2021 14:14:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 164466
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 42F1 44 KB
16 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 42F1 107 B
122 B 19ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.460.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E174 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510ee302f234e20f415e817af134935a91c804d33d9b19a54063b65d1d299a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.460.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gloss.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gloss.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191957
date: Tue, 18 May 2021 14:19:50 GMT
expires: Wed, 18 May 2022 14:19:50 GMT
last-modified: Tue, 18 May 2021 14:14:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 164466
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 96EF 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 20 May 2021 12:00:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 96EF 107 B
122 B 17ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gloss.ua

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 12:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8C8 42 B
64 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFe8N0yl02yssWAvPte7QRe_DAJY274oI14JoMJHPH-nWcvQfLcXbb0p6-BkQb1XOjAMpPpYch1KSOAPWBi8OCRH9ZFyM2Nleqct6r-iUnpH_9CjlvmzTr-NmKpOIo9EJZK3rIYOvcSQ_OuUuHHY34&sai=AMfl-YQfHgfPlHk46dYSOfN0D4iq8zdwGO1p2iWo2jxMBZJqtvNPkipKvaj2lc9CodtkAJu55eRKjC7DJ0T09ppWbtcpQH7mkXJ0ZFQ&sig=Cg0ArKJSzA3mpcB0kmAeEAE&cid=CAASF-RoNIDvHBKFGPVJDWkbunqVJLkCe3uW&id=lidar2&mcvt=1316&p=0,0,600,300&mtos=1316,1316,1316,1316,1316&tos=1316,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=450320534&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621512054307&dlt=537&rpt=155&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2AA 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?u=f&lid=152&sdkv=h.3.460.0&e=31061774&id=ima_html5&c=1232492365874858&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2AA 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_gloss.ua_video%26description_url%3Dhttps%253A%252F%252Fgloss.ua%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D&customPlayback=f&customClick=f&lid=8&sdkv=h.3.460.0&e=31061774&id=ima_html5&c=1232492365874858&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1298 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBLLU-aZCA0mmlSpWgZTkgQWC-n7YfnHTkBnjmWpU-q7F7ZLpCnxliYjqSsUQ9B4kgt1EMEJLs_CYMqf0QNLFbkTBrG5TwjF0VA6JLVd-R8RKpc-xycu7TDq5EcA&sai=AMfl-YQSaw0Z1gIIPRXeGT738RDd2gx-dJDkENHZ2fCcVrdLl4qO4GX4pj7fB69bIXz8rPef-yv-BIXSCVBwkiPCZGUSpOAqAmJSj2y01Rak9THxI9MvYEyg3idd_Yjo&sig=Cg0ArKJSzJJP6zGv5NFBEAE&cid=CAASF-RoeCRwCXal6yDbIfoysZQDTk0ENrUO&id=ampim&o=0,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1208&mtos=0,0,1208,1208,1208&tos=0,0,1208,0,0&tfs=524&tls=1732&g=100&h=100&tt=1732&r=v&avms=ampa&adk=3148175092

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A24 42 B
501 B 42ms
22ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqA4YSLG71PluctXCwOiiGzkwYcg11Bk5Wpx-PdC1aK-BSvUtWANGoCMaUzyFyaG-C09I3flXw7stsbFoWLpzy95sVHJgGCUAwelIVQbrSzhyXq3QlGfUWWz5X1A&sai=AMfl-YQX4RO20zwQbD6MHThOtSdQslYC6uwiPVz8eijItPiX99PfbuvmB9wWf2jY24K9PiCAzPfwFEsiX571dkVCJpt0zUqzsqz1864&sig=Cg0ArKJSzGM1AHdqACcnEAE&cid=CAASF-RoKima_qDhqB9-VIXnyqJQ8fL4e0GE&id=lidar2&mcvt=1036&p=0,0,90,728&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2257904722&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621512054341&dlt=419&rpt=167&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ED81 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2758
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 20 May 2021 12:14:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D11D 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2758
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 20 May 2021 12:14:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0D02 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2758
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 20 May 2021 12:14:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1ADB 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2758
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 20 May 2021 12:14:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DF6D 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2758
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 20 May 2021 12:14:58 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58F0 0
20 B 24ms
23ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2681700935316376&bg=!39yl3JjNAAZ7hX_Ue4U7ACkAdvg8Wlokel_UTvweYHzHXA-u3cziL2T9WcA4T43U3LsSvCfMKEa8SQIAAAKkUgAAAGpoAQcKAALzSZkCU_O0ARsCPvyuDVpo8WbXS5xFojMmyxkgaWZzSxu617oK1kRxDz4xdsTwM89tDfSe8GJoof3ucoqF_42vdS4y6VLLmvyllKaIDe111sBa321GkT2jnlkzhnoeWO5J6WXXpl8ehSTO9yE0n4bwtuSOW_PRoQTw3D5odbEII6GKLZVaha0eMtQxFQoEsNGwQDpQVyqs1vLJOPtF_WcwTGB05BGcUUNaOFAVjjm1guGY5YrgPK1_TepsliNdokyEHWITRqDg5zY8SPZeJvKU8fpw7JDXZSGOxqUuoQwBa1KjamL2jLOpn93mlFXECiXxa16obrI58dIMjK4Salep_mRQe-YfBJrmwcYIla3BQG02fPTYHlDUFfa1OET6UGESVwX5iLlT0ZqlpXpC_dptgN1xvh9tHXTXP3HUZkwPyMhA-v-xXWCIkeR2NdmFnZwH5DnG-Ym5DovUD7Y9dWdfVkZ78MVU16dDRy9ygSexfWNcpzZ7uGE97UnGwa6AbSosJ0e9yj0MfJH1DpIcZeikDuKgutoAmFs3HMiCHiMLB54VpXRgXiDTL6d8kWIJgzrD9Gw7u71IwUVGtnRIKoeXeEZw1YyeMhf3g7L7BbYRQhcR_gJF6uXZq-5b4eFG7Dbnk4f04TdZsf0LC-FGVDg6HRaY3DqZkaPbrsZyJTCJBlb3lg3l93DgGBfb_aAo3GQ4gI8Y1muNDg-pR8F8htpJv6Y8FHW6kGIF5CgGsKqtOA22yC3YDjSjxrr6CE5nDOLWcz-bcl5Z3504PJcBkKtpTnQ_7lKe_8A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A96D 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=1667487972369955&bg=!fH-lfzvNAAZ7hX_Ue4U7ACkAdvg8WvRy3cOgM8XsKxj1TnYCJ3PLmZ0WUGamlTB6exFCvb1e79XxMQIAAAKeUgAAAHpoAQcKALvMSn-w1FS_mXNK7_5mCVHhx-LCzqPJ4ZfwvncSvWGnCiyL7jKOdXSL6_jnmrml9uapodaD0sVHNFLGrwGRCxa35ERwblPNDRP5MJEkkSAyaT61t2vSh_pApziCRwdhqXHzp6OoNa-MxR3-S7TfReGwNAWpPTA4axtb09ebjp69nZONZK0JWOBIFCMWtkyggx0kF_D2M-01oMPZtk1r90fYqo41D_2WmsWw2IDSgbLJ3XXCoJc5cOWG6aXrmQJJSOg-LPBT8gZ94ut8Xz7UAaaYm6Qup37YaOGMr4ClGL1t_2-CkCV1Xw30rF09YzMAj5OIuWuUuDXi4MzqyfF6V_Z57m_Dk40-ZPDBG6PZhl4JCYTD-4t4Mp52_UZiDP-CrM2dDZgdc6hOhWLQjtNYdInCgx5xEg5REjQugGK1cAbbK3yGi9g4Y7bqZgJ0wH3n3x5xnziyAJYPpIHQO4dKlmtf_kdKEEN68Pjt4TnVjVZcBu1yQ6S3dUGrvUgZk7ppooMuNX86I90R_V1cfJJcU-siS8IeVvPwqo5OGseyEwwdkzhZ4YeRd7hkr5VJk4LVc4GeI1CVT1UQKLUIuHoHa3GNLd7yT72gPhUqf4N7DSF3dKTlw118AGQS3EEV3JEgGdulX9AeifTwLoZox47u7L7kVjdkvo2FBm7NM21wUnNf3-def3UWplmEVqFT9bIcG3EhyT8IO2L69eEGGdMS1kxdaUd4muTPZSiXUd7GRyIPPftYSnohNyuRGbywvHdhzhZX5aqreJx9n0OJSHFAhVnPNIwASPfnbKVm5ggrQ8SK_4G0hOLfjRIkJWgAsBivbfA554QzAp3JPtaPMCGh0h0hsaeTK2jrIeVLaJ_n9YXrylQYVrHaCBBo1VVpm8hjBvWyfuOgaJZlDXAL8iZ6ckZty-olOsKFyhCwnt8FJwFhkq_XAfvk0gSUltBnvWu5qlX0jKlxkRKmL4YfxFnAd7_q_Y7DJ36KdEgj_7lfcydQPqmU_-5TPROW97jhvvCODt6WaWNLR-43

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051701&jk=2466747806628128&bg=!zs2lzYnNAAZ7hX_Ue4U7ACkAdvg8Wl-EjkTo7p0LXLqqVDtrk1KHIAWJPacigshZtFHUlsrL8FW7qgIAAAOeUgAAAGtoAQcKARJ4qmsZM28DGiOuHJXsN15_OU0RaSPhFIYea3S0EXEy7dQUwQ2XmVbd8nIzuAmtSEaTTe3Ozj-Snfkl96alhF702MhXMgHrYbhEh7OYegflEZakxSkOIpvlyF-l2BUDg9ZQocez_YmFotuTEsFBhdjS4xDsu_h8GBaEfIzqqzOn5zjwLkDL0Jexrlxcz62xCK64BopxlzEMwFTCC12p2U30gvpm1kG5oevmKanaT5Vj7IYmMseZ7-ZwMq9IRpxQlanVYeJZRVzd84KvOqE_cu4G-FdwkFmohrFXybDO4nmf-g0-k4Av7GtC9wfOhL9nKwUtekExg4gh-RjU09SgkSmBQ5iWB5hPkfNTbhZSmx7QDchNmQIoriknPLVrbt3k62gHmF_ijTgbVtLd4fZ6AiVlF6nYAfpO2VHIjKVjv14E9U33KnpsB0Z6EgNsu-_yTlWuE_PlqAdgKJPSBnAR9Hqfgm-Usu2FzSIqaDYjrdSt0EGv8E_xJilmaa9X02AFSr5YkJUE9fmdm7jq76MkAGmDuMQkKEn0mAGWwwhjOTSGLrjUT57YjETWqf3JfTxlWgQ08-JLq6ZTqs2Z80TtwVIjDzMFggQ_6nrjw6g9l971qL0ao3p20KtLlrhtzT-e-_0L911B-NE2DqGtoQmnUbJG7CfGY0_GGaPHFbgSKAcfH99n8whihkVlTjrikbe08YvBnOI1WRlMSwsGD0TRN4-H727OthdNNR3pzVcSy-4sE3WAN7mfFtu8pL2D3GQAjMBB1I_7hUmSMRDEjTZsGH-X6PXZUIz2cFfSfDDLxKwURgE9vhrEkjozkEOuyHEwl5DaooqV4iVkU1_J7LhKrEtzKYvKQi4BjxZHz9GWapDsxAVyJSDbxQGWt4Jz7JQ_oCx9_8pfDikaUTzQZsMWpt6JlViO_YzEqrGo4ltrojCIpVId4kdNOG6TsFwWdnZv4n1DyyBQbpGUonDwEb9jZUxJvtln1J4SOmErhRG-ZxmuY-wpWm5iObraoYjzn0FDyoneLD49T8wGSUv08ywV3hTPeivjH8WTqklb6qVkZV_kTjvqt6apYFKv0uv9FWCRaQh_PfFlszbLT6PBY6PQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 91BF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.460.0&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.6466401716914658&time=1621512057337&lid=43&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 91BF 71 KB
14 KB 316ms
314ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2Fgloss.ua%2Fgloss.ua_bit_1&description_url=http%3A%2F%2Fgloss.ua&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1540772662180597&sdkv=h.3.460.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2710761470&sdk_apis=2%2C8&sid=F855BFD7-E918-40EE-BE55-C75A645F3269&eid=44741233&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&dt=1621512057364&cookie_enabled=1&scor=3844329336740450&ged=ve4_td1_tt0_pd1_la1000_er2419.317.2572.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c207ae358cba0ebb35eb7e75294c5694b5363376b69abbaa493c83925ba05c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14245
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1621512057362&timeout=f&logid=0.6466401716914658&timediff=25&lid=43&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
20 B 17ms
17ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?catu=f&cookiesen=t&doesgdpr=f&gdprapp&gdprcmpapp&gdprload=t&idlsena=f&rt=xfp&storallow=t&tcstr&hpadid=f&hpaid=f&hpatt=f&hpcke=f&hpckvalue=f&hpgapp1=f&hpidtype=f&hpilat=f&hprdid=f&lid=137&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 05B3 72 KB
14 KB 232ms
231ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21750935102%2Fmirs_li%2Fgloss.ua&description_url=https%3A%2F%2Fgloss.ua&env=vp&correlator=112899574271516&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480&unviewed_position_start=1&sdkv=h.3.460.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=521750999&sdk_apis=2%2C8&sid=0B68E21F-FFA9-4CB6-A18E-EF870C6D91AA&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&dt=1621512057371&cookie_enabled=1&scor=2614503982696630&ged=ve4_td1_tt0_pd1_la1000_er2419.317.2572.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7c55b93b0777552782a6ef6330c0bbaeb162185f52cc1c44cfa0f68aaf2cf15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14413
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1018 70 KB
14 KB 289ms
289ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_gloss.ua_video&description_url=https%3A%2F%2Fgloss.ua&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=823870034032192&sdkv=h.3.460.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3591924162&sdk_apis=2%2C8&sid=4E99752E-ABD3-4F12-8CA6-520590D4122E&eid=31061774&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&dt=1621512057374&cookie_enabled=1&scor=331494020770687&ged=ve4_td1_tt0_pd1_la1000_er2419.317.2572.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bb58c9cfb2cfa3e10b4a1d89aa01385098e6e791ee3355bca839ad3fd3316736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14269
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F805 156 B
745 B 216ms
216ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2Fgloss.ua%2Fgloss.ua_video&description_url=http%3A%2F%2Fgloss.ua&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=223131453044389&sdkv=h.3.460.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4256545674&sdk_apis=2%2C8&sid=ED6DAE78-D6F3-4EE2-94C4-D0D38A111D5D&eid=21064201&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&dt=1621512057376&cookie_enabled=1&scor=2228351363955729&ged=ve4_td1_tt0_pd1_la1000_er2419.317.2572.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E174 70 KB
14 KB 255ms
254ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_gloss.ua_video2&description_url=https%3A%2F%2Fgloss.ua&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4358500854439128&sdkv=h.3.460.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3805039068&sdk_apis=2%2C8&sid=517A1C24-C2E6-4600-9DEC-C47DF98E2DD9&eid=44731964%2C44740340&url=https%3A%2F%2Fgloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&dt=1621512057379&cookie_enabled=1&scor=4268943032455044&ged=ve4_td1_tt0_pd1_la1000_er2419.317.2572.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.460.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a6a06526ce87bc2b1c34a7a3420a31434157b347ebde20e306f28019dded99be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 12:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14278
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
c.mgid.com/vs/ Frame 33C2 43 B
235 B 107ms
107ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=151&iid=720031&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22077d7501-b963-11eb-bfa5-d094662c24f7%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%7D&t=0&c=8607&h=9kPLsnc88c4y2zqP2hR8MBsGtbj_ayrHJ1o2QClSp80dsmsO4DMbzncQ84N1pZ2I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:00:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 652568582f94535d-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3f8b170000535d05267000000001

GET
DATA 200
OK truncated
/ 581 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 300ms
103ms XHR
text/plain 35.168.104.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=gloss.ua&rs=gloss.ua&sid=53936&t=1621512055&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1621512055745-913238757412-007050-000-007100&cha=0.7&cb=31822460342&cd5=077d7501-b963-11eb-bfa5-d094662c24f7&cd6=10&cd1=desktop&cd2=0&cd3=native&cd4=720031&d9=1000&AV_WIDTH=480&AV_HEIGHT=270
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gloss.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 May 2021 12:01:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
112 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=0&streamcorr=0&loc=https%3A%2F%2Fgloss.ua%2F&ref=https%3A%2F%2Fgloss.ua%2F&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BF 0
47 B 16ms
16ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.460.0&e=44741233&id=ima_html5&c=648955756183777&domain=gloss.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 12:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js

Domain: pa.tns-ua.com
URL: http://pa.tns-ua.com/bug/get_cookie

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZPd-pdV_fmikKSkxAFMQAABKkAAAAB&google_gid=CAESEFs1IRa8WK3PaO5ztCAeqJI&google_cver=1&google_push=AQvitUJZTHRKoqKmy26XtnsXKR02-MGWkDWBNQIyBeFC1NuefpkmeTCZ0YIcS5R9JBOrUHhZYTKO0ag3WJMyULR75XP5jlMcmXQQ&google_tc=

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gloss.ua/	1970-01-19 18:25:19	Name: store.test Value:
.gloss.ua/	1970-01-19 18:26:38	Name: _gid Value: GA1.2.2091690816.1621512052
.gloss.ua/	1970-01-19 20:25:12	Name: vs Value: 5e2cc96f6d71a177c71a8f07e7177277
.gloss.ua/	1970-01-19 18:25:12	Name: _gat_gtag_UA_8513368_1 Value: 1
.gloss.ua/	1970-01-20 11:56:24	Name: _ga Value: GA1.2.1278708326.1621512052
gloss.ua/press-release	1969-12-31 23:59:59	Name: Value: store.test

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Mraid Ready false
console-api	warning	URL: https://gloss.ua/user/js/likely.js(Line 7) Message: LIKELY DEPRECATION: Class "likely_visible" will be removed and joined with likely_ready. Button tags will be changed from <div> to <button>.
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=a3923d1fcf904668a5d85e293a031503&zone=737F5C15-3BFB-428A-AA43-3DCDF26EB14C&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=ad387e58-341a-4e62-b947-a9d9d07bb3b8&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=NDU%3D&asign=-1088770120&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=4CF415EB-B771-4EAD-AB42-B8DBC04EED68&crid=4CF415EB-B771-4EAD-AB42-B8DBC04EED68&profile=8CE3C9F8-1FF1-4973-ACDD-1B5B50E46075&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=ebb3d3c13a2340b1a65cd3aad19a770a&zone=6E34AC41-F6E8-42D8-8020-0A281CF4438C&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=f4c64ecf-9fde-4afe-b420-26e19f0d013a&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537621789&ap=MC4zNzQxNjY%3D&asign=1810625340&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&crid=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&size=728x90&profile=45223BF7-5B11-417C-A48B-79F59E3A3175&adv=Google&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MS4x&asign=1605920783&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=154AB39E-2430-4ED0-B469-A2976796237E&crid=154AB39E-2430-4ED0-B469-A2976796237E&size=300x600&profile=DF512DF6-B57D-4C30-9173-E7AF47B59252&adv=Google&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
console-api	debug	URL: https://jsc.mgid.com/g/l/gloss.ua.720031.js?t=202142012(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=ebb3d3c13a2340b1a65cd3aad19a770a&zone=6E34AC41-F6E8-42D8-8020-0A281CF4438C&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=f4c64ecf-9fde-4afe-b420-26e19f0d013a&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537621789&ap=MC4zNzQxNjY%3D&asign=1810625340&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=88b09a13-4126-4d1f-aaac-f1ec10fb0384&ip=144.76.109.30&item=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&crid=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&size=728x90&profile=45223BF7-5B11-417C-A48B-79F59E3A3175&adv=Google&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?cc=DE&am-uid=6dfec62090234229bf17b3098782ac33&zone=FBC9C5F6-46BE-4905-A275-6CCE8BCCC85A&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=9c472bf6-3f58-4ddf-9db6-1010ee2e6f93&hp=739469672&page=gloss.ua%2Fpress-release%2F134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili&ts=637571088537541712&ap=MS4x&asign=1605920783&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=45&bt=3&carr=Hetzner+Online+GmbH&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-1&pxl=0&pvid=b019c3cf-8493-4847-86f7-b07282a22534&ip=144.76.109.30&item=154AB39E-2430-4ED0-B469-A2976796237E&crid=154AB39E-2430-4ED0-B469-A2976796237E&size=300x600&profile=DF512DF6-B57D-4C30-9173-E7AF47B59252&adv=Google&dsp=UMH+Digital&dmp_pr=MA==&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=6e34ac41-f6e8-42d8-8020-0a281cf4438c
console-api	log	URL: https://cdn.admixer.net/scripts3/d9d92df4fba73716000e.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=fbc9c5f6-46be-4905-a275-6cce8bccc85a
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://gloss.ua/press-release/134063-tm-rollton-svjatkuje-10-richchja-v-ukrajini-ta-daruje-avtomobili

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

656122af7ddd3087d54786e8c57dd02a.safeframe.googlesyndication.com
ad.360yield.com
ad.adopx.net
ad.adriver.ru
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.vidver.to
ad.vidverto.io
ads.betweendigital.com
adservice.google.com
adservice.google.de
api.pinterest.com
bgstats.mox.tv
bit.ly
c.mgid.com
cdn.admixer.net
cdn.ampproject.org
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
d.agkn.com
e.dlx.addthis.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gloss.ua
go1.aniview.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
graph.facebook.com
h.holder.com.ua
i.holder.com.ua
id.rlcdn.com
idsync.admixer.co.kr
image6.pubmatic.com
imasdk.googleapis.com
inv-nets-eu.admixer.net
inv-nets.admixer.net
ismatlab.com
jsc.mgid.com
m.trafmag.com
match.adsrvr.org
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
player.aniview.com
prebid-eu.creativecdn.com
prg.smartadserver.com
pubads.g.doubleclick.net
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.console.adtarget.com.tr
s0.2mdn.net
sb.scorecardresearch.com
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.lentainform.com
servicer.mgid.com
source.mmi.bemobile.ua
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
unpkg.com
video-native.mgid.com
ww251.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
gaua.hit.gemius.pl
pa.tns-ua.com
104.16.221.74
104.19.134.78
104.19.136.78
104.19.217.61
13.248.242.197
13.32.25.85
142.250.185.98
142.250.186.130
143.204.202.85
146.0.227.107
146.0.227.110
151.101.112.84
167.71.9.19
18.195.194.125
183.110.238.136
184.24.15.122
185.180.223.221
185.184.8.30
185.29.135.234
185.64.189.115
185.86.137.114
185.86.137.17
188.42.196.115
190.2.153.150
193.200.65.6
194.247.175.23
195.209.108.39
212.8.250.228
212.8.250.83
217.182.200.19
23.20.15.211
23.79.143.124
2606:4700::6810:7aaf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9b
2a02:26f0:6c00:28a::2c79
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.124.27.129
35.168.104.13
35.212.212.222
35.244.174.68
51.38.120.206
52.19.6.23
52.206.107.130
52.58.45.227
67.199.248.10
69.173.144.165
91.198.36.26
91.198.36.35
03abd39d3605f4d09f9c4e3234b39b7a6c4eae8636c7e54a8a591c7fdf1a1bc6
06a225039cf67cc0ff2944ff4ab559b967a136ff476b30a1df28a887d6d066f3
07acf5dda025a26dd027c17a49253ece9594d2cf09c87c8f18ac72b30b5969f2
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
097ee19b938231fab94fa26d6b8495456103f37e5bb10dffa2feab3b765e3a28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0e671a70fbf1155ed9ec58398fb6d144360a73646429e52701ef584533fbb610
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea
10b5c4ba36de35a1248842af9414553c31daa8d1ff3882ee9d9d0427d8aaff0b
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
14c3e312e5a0fb47b0671498dedde7f3914ba376556b55404292aeea9c86ceb8
158b733d7ea2566df2cce3580ac2744d7302e3007224b6cb15e430a7aabe2156
17574661f647f47004e9c88d1d22adc9654a3129701872c5a61f5e4cdc38e200
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19ddf935291977d820707b78804f6b095666d6b1cfbf00e1c34cb9401a3ffd68
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1f7f6b5d4c2aa3e8f3a326ba7383d14991eeee28e82ad79ec9d845a8cfad90bd
2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2837155008cb38a38129ece18fe862656a43cbce76cafc24b8ca37513e9db978
2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1
2bf8bb591c1ef1b2c4571069ee87ea6032efe21bf084d8c452d6173de73e19fa
2c45003af2c9eeeec9ac1206dd1bb6d6b759798be69d22e87fa868dc8ca056bd
2c55231607eaf6c232fbbb071554d69927b2c520394b6a2e7ccf5c33b3cde101
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3068a1e4f3aa565fd4d61bae0b42fae278859f3b2e7d0e5e17c4cb7fa9d68c8a
308a2d856bad31c2e55be39c55fecb20d8c9f4b97dba6591065820f0d7c8e3cc
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
355bd4d3f25252820d33d39b3bf8d4163c4fccc889429c48887e74e9951796b8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37c359acff62e450608a2fb3f67b480f7525cedb358a3b160750d086ecfcd708
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3a5e801541ad45339529cf05cedf94755fee9a98b67160d9951c8f074464d6a8
3a9ae2aee9ffe0232fd5ab30974d2cd772577995295f98fa03c602fc207015de
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3ae55faa9e2bca43b1cb2de84108084a97c2025a476b063eefdf5386fb62239b
3af9d4558886b1fcba80130a959f2bb9a84ba93c34e5ca4ea5320569b3589c20
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
3d83af555220c88b18850ee3fbf69a98d6075c6222996861065acc2d619c492d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3edce34d005dc482173865875381bd5224b5fab5260baf12bf54abbaa7a11143
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
465e00c73f0567c59dff497d72ce8013692c8b59995f0a018966e0fbed402e56
46eac06d72fc84a1f5d16649c8429fdb470ca17314e9046757f737c11c0adc94
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4abb2119946d2b0cb80cfba7f5e73a21d9714d5b405f6713c69a8de2c5591c52
4b72580c1be0027bd5e4838f133d64b941c2bd5088b8403d9315619ca88235a3
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
510ee302f234e20f415e817af134935a91c804d33d9b19a54063b65d1d299a9c
51cea5995d98be6f4ae4ba32b305aba45a876547860b278a0fe86adeb8736768
51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55504e4bf4db52ea9ddb498c660d030e24d69661a1a1cd8012d41d68ce28e8eb
564219d2e74f1d2a3db8f93d0d78b161d8720b5df1a15a2930ad0c3aa9b68b68
56e852a11b709e61ad947b2a575ad63efc7f5088ca7c18c73f1c3dc7518f7bad
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5cb0b17af2e69cc2c148c2d0834edb7413541002a6146fcf387fcf316fd19905
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5d3a8bad0504fe37914f90985bde4ab2c551a7473f1eee73757bd7c6118f74c1
5df82a741f35f402aec3988e3229a76506426466186a5ebb21813cb96efc1614
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f5f83a4da072c2792664a2ab4f343661046ec613e1dbbe32516fdbb882e5c69
606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6ac4a70918f423ebc3c22ef6848aacadfb2ceb65c9a97f98295355119f6b5b83
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8a3627b3aa4d838323359656abbf6048bea270bb0240e188ff4a83cd59f2b1
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
761b309e550425464d627968eee8c2fc2e1b2268a7729ce004f75b75e196ad06
76c38c297b9cc411b77a193041ced2749f15502176a52d15556cbd16b97ba2ff
7946467fd9e9987b964e57648bf2c2b1bca88623f5f0fd7a1ed3aeb9ff684701
7960bddefd3e3485ffdf8715f306349057f4e5f3c06ec9efff5f70a94a2a2a30
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79b8e3890eb687ba94c79bd5d2c83c2070f3c6360894b10c289c8413ad2c96e5
7a9c13ce955591e0934480815ec2dd24680a7c4cab16ef137d20d2146ce7f456
7b7f36827268465082b3762b6dd9da6f6256dd3be1cf8ce64720559f6d8f06b4
7c55b93b0777552782a6ef6330c0bbaeb162185f52cc1c44cfa0f68aaf2cf15c
7c80b136b6a3d9dfa4b9358ea98356cb1318d4b79b8122e48070b709482e0ead
800a7742a7f1f991e8cd55e5311f1cdd2af5387205c238749bbcd08d63f11df7
803d3e2b5fb07d714a3dbe0d5ea121c6ca82702601b561a801b8008033e53a6e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
850df99f7b3040ac647fe5eca8864805218bdbff5235da46ca6b0e9f326fee2d
8589f8de6cff2670debc131476efdd070303664bce3a0b7e231ef16a0bfb6bb9
8849094231493f70be8a0d4be15ba88fbca8dc0799f80912f4be9d35acf1c399
893363da7fd2a5f63da4e52646bd1e3138de0ec9efc53aac865ae09d5a2c7993
8c7b6da2a827a640423cbca9ef5f150970b8cf40accbd930af6cc89e5905614c
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e099f52508ea4e3c116643ff36383375e8ab33ce866e5ab4f17b63f142e98e4
8e0ae319c0889182ffeaed511ab6b7201a039cb89d051d7340a25c1b790bed88
8e66db5c8a3ff67fe0539cb1d3ed50afda03e15bce9d2aff89d4638e5fc99579
8e803df870509df5596e431097ee1fffed78481509f955db288e3f3cd47b16e8
8eafa395e8d6d11d2aecefd1b87583205ba78a973b260d6bb3aceb2f9c0e1be7
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
8fbe99cac77c56627e9529552e91498163cb49c395e5dd7e0aa8e24ff07c74e5
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
91c7758561261be22d7c120ff2d7f703e188a349f9bf548a1de54eabbcb14c63
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
94664f46dfa22d5d14660145127c613d77094205f6711c9caaa6ef26df170c2c
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d6bc34f42a2d91ad2a2e83cae5a83aa5e0eeae8e2b6800cbac0cc5619e41aa6
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28703ce179064607514318635ee6f2f733385950462ebcdb2d7daf9a2e149f5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6066404120bbf3e4a08e8ff3caf6ec3d0128a10c0b64f48428693ff75f945d4
a6a06526ce87bc2b1c34a7a3420a31434157b347ebde20e306f28019dded99be
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
a8dc402493d4a935ea4159ad8e2c9deb7172cba884c17dd8a6ead89b02c9559d
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ad90f960243beeea5c703298139b6a6efe60425bcbd045a71c69049322d2bc19
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a29d37c6cbf3c5499c91b3c7256943b2fa63595af09521c9c8b223d1b159b8
b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554
b5b0be9c7b9a1ab11e553060fd018f95e2cc35b137c6de36f2115c209f928e92
b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
bb16a3569e4c0b93672c18e5e724a0dc962f1be053ce90484a83c70707b6c7c5
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb58c9cfb2cfa3e10b4a1d89aa01385098e6e791ee3355bca839ad3fd3316736
bf56b08a5cec9c1c72c7b1efb585d77a35bdb325c6fe49609664f8dcd37c869b
c177cd91e6820c92e6734c753c5427adf119c24109741f58fce702af10bb4421
c207ae358cba0ebb35eb7e75294c5694b5363376b69abbaa493c83925ba05c37
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5a83eabfb238c654e3791a5873f78692575aa779159a35f2b373ee0d767e1c9
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c697102f60f02fbc9ea436f688817b3049d59c9a96653d78d934eea29cc7ac1f
c6bfa2404f50b950e51de5104cb4ab70e5be066c1d244f85364b6e8d2b4ea845
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c7de406c380759d8592bfed3409fe64c6211d85d4433b23e0dccc67bd7738520
cbc34c853bd77e1fba169f18ed8f02f906918ea509dfb94816b2ddb25d41d43d
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d087f1c0514937d5ba9d37abe3746f15822f15cedffd28fc446b440e9ddef5ec
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1c41e23a493b4c8324c1a117e733df7f82447ca535f4d3cb22ec376f547b9a3
d59d61948f5b76096b5047ada80d295a7c561b6dc893e43fadd0e3ab2255f62e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
dcc9686092380ed166b3d71b02b857582a146063405edf63cf73a344bf234369
dce31a6eb9372790fc1bffe91850698f06d5f85efe59555770f63aa8f0693537
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dabf2c4fe82c99700c5566963d716e86df1210676103b674fed928e8ad73e6
e42dec297797a1746fc148d7b1d1bbd39573d7123a0a8552e7cf35ff1bd74421
e500996e8e7df0dad08ec55dfc1952614ef8f5c25ee6c5902e705268afb7651f
e5c7fa5c4d92e8298e6e72aa9b9a8680e477fccd573b335ca0ad4c2d37420308
e6a7e94a53b549bb9fc58598be2b2e4869b56276066dd87baa5a8a922e233c05
e76161afe81de38b97738d5d9008b7f211017ed268ebc8998acce1f3e9c49f61
e789f58ea6ebfb3eb1a0d85fc19d3676857fdbb7ae8d11ae6c047f4137ecf77c
ea3676ec6710be8b4f8489021b0ef2ef39b387af6de5d08a128a5d5e23327518
eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012d9dd622664df18b0d2f901265cfb1e03278f6a846eaae5d86942f885661d
f270ab381a608a9ad732353e8b147ca8299826c454f0f57042075288797a2fce
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f347eea1cf2a62ce1a9fda1f847b25a09ca73fe6ddb196aa014e705182b0288f
f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

gloss.ua Open in urlscan Pro 13.32.25.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

330 Requests

99 %HTTPS

34 %IPv6

56 Domains

85 Subdomains

54 IPs

12 Countries

5146 kBTransfer

14575 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gloss.ua Open in urlscan Pro
13.32.25.85 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

99 %
HTTPS

34 %
IPv6

56
Domains

85
Subdomains

54
IPs

12
Countries

5146 kB
Transfer

14575 kB
Size

6
Cookies

330 HTTP transactions
11 data transactions