urlscan.io logo urlscan.io
SecurityTrails logo

www.capital.ua Open in urlscan Pro
2606:4700:3031::6815:b0c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://capital.ua/
Effective URL: https://www.capital.ua/
Submission: On September 22 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 9 countries across 32 domains to perform 227 HTTP transactions. The main IP is 2606:4700:3031::6815:b0c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.capital.ua.
TLS certificate: Issued by E1 on August 4th 2022. Valid for: 3 months.
This is the only time www.capital.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 2606:4700:303... 13335 (CLOUDFLAR...)
7 45.133.44.3 7018 (ATT-INTER...)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 142.251.39.2 15169 (GOOGLE)
2 104.18.36.173 13335 (CLOUDFLAR...)
1 23.111.96.36 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
1 3 2a03:2880:f10... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
7 142.250.201.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 67.202.105.34 32748 (STEADFAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.136 13414 (TWITTER)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.33 32748 (STEADFAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
6 16 142.250.185.130 15169 (GOOGLE)
6 10 104.18.18.126 13335 (CLOUDFLAR...)
4 6 185.89.210.101 29990 (ASN-APPNEX)
31 2a00:1450:400... 15169 (GOOGLE)
1 2 52.211.77.239 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
1 1 3.123.239.111 16509 (AMAZON-02)
2 2 104.96.159.57 16625 (AKAMAI-AS)
2 35.186.253.211 15169 (GOOGLE)
2 198.47.127.19 3257 (GTT-BACKB...)
2 2 69.173.144.139 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
7 184.51.10.56 16625 (AKAMAI-AS)
4 142.250.186.98 15169 (GOOGLE)
3 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
227 47
28    2606:4700:3031::6815:b0c (United States)

ASN13335 (CLOUDFLARENET, US)
capital.ua
www.capital.ua
7    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
cdn.gravitec.net
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
www.googleadservices.com
2    104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)
tcr.tynt.com
sc.tynt.com
1    23.111.96.36 (Russian Federation)

ASN39134 (UNITEDNET, RU)
content.adriver.ru
2    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
7    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
id.gravitec.net
5    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
7    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
6    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
21    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
10    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
31    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    52.211.77.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-77-239.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    3.123.239.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com
d.agkn.com
2    104.96.159.57 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
7    184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2600:9000:206e:e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a00:1450:400c:c00::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
8    2600:1f18:1aca:4280:17ae:f7a1:519e:8aec (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
36 googlesyndication.com
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
203 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
321 KB
31 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
608 KB
28 capital.ua
capital.ua
www.capital.ua
537 KB
15 google.com
apis.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 77
adservice.google.com — Cisco Umbrella Rank: 75
223 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 774
static.adsafeprotected.com — Cisco Umbrella Rank: 575
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
98 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
8 KB
10 gstatic.com
ssl.gstatic.com
csi.gstatic.com
6 KB
10 tynt.com
tcr.tynt.com — Cisco Umbrella Rank: 84555
sc.tynt.com — Cisco Umbrella Rank: 7936
ic.tynt.com — Cisco Umbrella Rank: 4104
de.tynt.com — Cisco Umbrella Rank: 1445
18 KB
8 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 22967
id.gravitec.net — Cisco Umbrella Rank: 132346
57 KB
7 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
px.moatads.com — Cisco Umbrella Rank: 467
106 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
127 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
6 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 714
syndication.twitter.com — Cisco Umbrella Rank: 995
152 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
327 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
91 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
115 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
914 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 648
207 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1505
485 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1728
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1020
926 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
1 KB
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 150887
i.bigmir.net — Cisco Umbrella Rank: 296884
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
865 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1423
296 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
98 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 638
763 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 232
2 KB
1 adriver.ru
content.adriver.ru — Cisco Umbrella Rank: 37397
5 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
18 KB
227 32
Domain Requested by
31 s0.2mdn.net www.capital.ua
s0.2mdn.net
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
27 www.capital.ua www.capital.ua
21 pagead2.googlesyndication.com securepubads.g.doubleclick.net
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
16 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
12 tpc.googlesyndication.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
8 dt.adsafeprotected.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 apis.google.com www.capital.ua
apis.google.com
www.youtube.com
accounts.google.com
7 ic.tynt.com www.capital.ua
7 www.youtube.com apis.google.com
www.youtube.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
s0.2mdn.net
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
7 cdn.gravitec.net www.capital.ua
cdn.gravitec.net
6 px.moatads.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 ssl.gstatic.com accounts.google.com
www.capital.ua
5 googleads.g.doubleclick.net www.googleadservices.com
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
www.capital.ua
4 csi.gstatic.com securepubads.g.doubleclick.net
4 googleads4.g.doubleclick.net www.capital.ua
4 www.google.com www.capital.ua
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 platform.twitter.com www.capital.ua
platform.twitter.com
3 static.adsafeprotected.com fw.adsafeprotected.com
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
3 a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.facebook.com 1 redirects www.capital.ua
connect.facebook.net
3 connect.facebook.net www.capital.ua
connect.facebook.net
3 www.googletagservices.com www.capital.ua
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
2 ssum-sec.casalemedia.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 image6.pubmatic.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
2 rtb.openx.net a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
2 e.dlx.addthis.com 2 redirects
2 cms.quantserve.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects www.capital.ua
2 accounts.google.com apis.google.com
www.capital.ua
2 syndication.twitter.com platform.twitter.com
www.capital.ua
2 www.google-analytics.com www.capital.ua
1 fonts.googleapis.com s0.2mdn.net
1 z.moatads.com s0.2mdn.net
1 ag.innovid.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
1 id.rlcdn.com a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
1 d.agkn.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 de.tynt.com tcr.tynt.com
1 www.google.de www.capital.ua
1 yt3.ggpht.com www.youtube.com
1 sc.tynt.com tcr.tynt.com
1 id.gravitec.net cdn.gravitec.net
1 stats.g.doubleclick.net www.google-analytics.com
1 i.bigmir.net www.capital.ua
1 c.bigmir.net 1 redirects
1 content.adriver.ru www.capital.ua
1 tcr.tynt.com www.capital.ua
1 www.googleadservices.com www.capital.ua
1 capital.ua 1 redirects
227 54

This site contains links to these domains. Also see Links.

Domain
www.bigmir.net
Subject Issuer Validity Valid
*.capital.ua
E1		 2022-08-04 -
2022-11-02		 3 months crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-05 -
2023-04-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-01 -
2022-09-29		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh

This page contains 23 frames:

Primary Page: https://www.capital.ua/
Frame ID: 16D5D6347AE4F0599E46A5E51C6BF174
Requests: 81 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: F6E78AC2FC1D2CF4524289410AC06E6C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 26D6333360999532831F19EC3832C70D
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.capital.ua
Frame ID: 884DDE1B21E589C4DED3FF1820C6E098
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: C4947B267DA54E4A522AD52A93E2FE02
Requests: 5 HTTP requests in this frame

Frame: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F2F3926C7B27EB53FBBDB875B1E75F0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.c4bdc17e77719578b594d5555bee90db.ru.html
Frame ID: B85C11842CAC8917C4AE406D83431688
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: D02272DE9DAD7B213CFB97DAE8F98D27
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15c557aa116dc4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff340a5963a4f0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Frame ID: 2D2D51B9D027D58CC311E975DC4161E1
Requests: 1 HTTP requests in this frame

Frame: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA3B37BF5F12A92B34265ED629D89D7B
Requests: 24 HTTP requests in this frame

Frame: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0CE55BD7A0AC28F42C0CE37FD637B2EF
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXi4DgJaxyyhTT9lnv2HqLfPrwwMrWgrofso_YV1iI7-0SDrS_LBcL4G7m0Jh3N0gJZN2JB6Tsvc0j30MfAHV21p1RZ5ctXYUZMyhVViM7EURmqqALulcLb2Bzxmt9NSR94CxE3nQBhefohVeX1g_4bLk3gtZ6VZohkizunrVkl4gyQKrc
Frame ID: 5E13D4FEE68196838DD311D16B017F24
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRCEr-fSAhi2kKrBATAB&v=APEucNWSRH9J053rPDUidZxqODlun_vtzkKR_cZxncKDkHfMl2jBetrtQVHWlcOwZe1LxiUek6QJMUfbx6O-uk_EYMAQSsoa8OPHaIvx72D0Ez-j8hxnCVu-28pDrowIXWPjvmVMuQ3byDOzSSrxeeHNozy2jRfKYS0R8OYxySJS68VdZ114Jr8
Frame ID: 7690511A5AFAF7BA80583DC8474783DF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D89C5266AB55721F0C4DF35A09D03E5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C50BD1551AB89764C74F8FE8E5B7F154
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 178FF5A5CC735587F473319961BED95D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D343E6BD9794B94AE5D729300F2BED8B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D61A1156AC0812E03FCB88917DBF1A8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F6372B6C467F58F431D74E70AC97E45
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
Frame ID: 92AEE048EC7E37E074C946D8D39A4E74
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Frame ID: 932C2935E3BA6F51E2CF2448ACAC1468
Requests: 21 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B91876112E60D144DDCD2C104FEC98D8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Frame ID: 7CEDAE1437C1D7A81018B6127DBE2B7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Капитал

Page URL History Show full URLs

  1. http://capital.ua/ HTTP 301
    https://www.capital.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

227
Requests

93 %
HTTPS

56 %
IPv6

32
Domains

54
Subdomains

47
IPs

9
Countries

2716 kB
Transfer

6725 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capital.ua/ HTTP 301
    https://www.capital.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://c.bigmir.net/?v16931254&s16932857&t3&c1&n992048&w0&y0&d24&r1600 HTTP 302
  • https://i.bigmir.net/cnt/03.png
Request Chain 93
  • https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=349712125128014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15c557aa116dc4%26domain%3Dwww.capital.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.capital.ua%252Ff340a5963a4f0c%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcapitalukraine&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15c557aa116dc4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff340a5963a4f0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Request Chain 119
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyxLz4Q13-iD6KIg3tsvdwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
Request Chain 121
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Request Chain 123
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyxLz4Q13-iD6KIg3tsvdwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
Request Chain 125
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
Request Chain 142
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKe1kYA_LOnXysFELxJljdQ&google_cver=1&google_push=AZmPxg-9KPVHau3V38RS0ilOH9rG_EzMiziQOvXGC8D0ULZWQyfzoMOGq1EHQnFEX5Z41EDVXB5Buv-6Kbr60mPMHtCiROrmHuJG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-9KPVHau3V38RS0ilOH9rG_EzMiziQOvXGC8D0ULZWQyfzoMOGq1EHQnFEX5Z41EDVXB5Buv-6Kbr60mPMHtCiROrmHuJG&google_hm=Q0FFU0VLZTFrWUFfTE9uWHlzRkVMeEpsamRR
Request Chain 143
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg86vn831YeZe1eE5Xv0b2OmgdL6OZyXwkOx0Vc3twX3kxD2DIKnPWqpDB3WZhCbqtNdWaQZ7mYF8OU7ud-EhFb1PrGOUqya&google_gid=CAESEMQRQEag96xGx6njTelz9C4&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg86vn831YeZe1eE5Xv0b2OmgdL6OZyXwkOx0Vc3twX3kxD2DIKnPWqpDB3WZhCbqtNdWaQZ7mYF8OU7ud-EhFb1PrGOUqya&google_gid=CAESEMQRQEag96xGx6njTelz9C4&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMTQ5MzYwMDA3OTQwODc2ODY3OA%3D%3D&google_push=AZmPxg86vn831YeZe1eE5Xv0b2OmgdL6OZyXwkOx0Vc3twX3kxD2DIKnPWqpDB3WZhCbqtNdWaQZ7mYF8OU7ud-EhFb1PrGOUqya
Request Chain 146
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIN6p9hjv1FviYdv3VhsyAU&google_cver=1&google_push=AZmPxg_8pVn4jos5IkYw-Jf8s6H75p7TWiPa4OULUmKZgwJ854Blo2cIfYGYLLvJaZgCJDYKB1MSwMPaTI5U4wiVp3bvTl7KFFiE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJORzUtUy02NlRM&google_push=AZmPxg_8pVn4jos5IkYw-Jf8s6H75p7TWiPa4OULUmKZgwJ854Blo2cIfYGYLLvJaZgCJDYKB1MSwMPaTI5U4wiVp3bvTl7KFFiE
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_cver=1&google_push=AZmPxg-11mQmGDklxxOkT2bQdv8dEKsLsKHf24DU2SGoR_1uNXHujx6sc0YGWtUadM-2LEMPDK7O19Zj91hIqp5da_jGj6gWjGLN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg-11mQmGDklxxOkT2bQdv8dEKsLsKHf24DU2SGoR_1uNXHujx6sc0YGWtUadM-2LEMPDK7O19Zj91hIqp5da_jGj6gWjGLN
Request Chain 155
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIN6p9hjv1FviYdv3VhsyAU&google_cver=1&google_push=AZmPxg_G7RDmIpMIPzSQ3kPFZJnvLOaQ3OGoRCNCF-CnNWF_TJ4b9TWgoC-hdc_i7QIbkFm3AcI73TUw22A5DyiZbj2FF-t4b_5Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJOR08tNS05UzFM&google_push=AZmPxg_G7RDmIpMIPzSQ3kPFZJnvLOaQ3OGoRCNCF-CnNWF_TJ4b9TWgoC-hdc_i7QIbkFm3AcI73TUw22A5DyiZbj2FF-t4b_5Z
Request Chain 156
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_cver=1&google_push=AZmPxg91Od353SmjjgeYuUrTi2iHmTw3mWGQ8W6_tpznFHFFpqGB4r9ytO8FKpJI76mnbGvuX75ilbof1Wc794dpPFXTRPGgudai HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg91Od353SmjjgeYuUrTi2iHmTw3mWGQ8W6_tpznFHFFpqGB4r9ytO8FKpJI76mnbGvuX75ilbof1Wc794dpPFXTRPGgudai
Request Chain 187
  • https://fw.adsafeprotected.com/rfw/st/1151929/65580770/skeleton.js?adsafe_url=https%3A%2F%2Fwww.capital.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dbe953c3-2e0b-a961-60be-b6c4a7c947f6,c:oWxoQG,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57d69b9c8c-w94pm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:381,mot:0,app:0,maw:0,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:403,oid:a12cf330-3a6c-11ed-80b3-0674d4c472b8,v:19.8.352,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

227 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.capital.ua/
Redirect Chain
  • http://capital.ua/
  • https://www.capital.ua/
41 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b7cdfb8f7b786f19ec1224d69419efd60878172a80bf69acabac07ff756e96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
74ead15eae6adc9f-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 11:49:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FWKVAlpK2JW26V5cyYqDETm7hryWsAo1PR4W8H7s6VMyX0gVJb5FV1WrvlHA8DMuqmUDHRZjwJltIfjw0g8fdCeqq2X4frvFe9YFhK4r0XX29F14XX3vRFDakvfSURZnLUF8Kx%2FISPNiAWQXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
74ead15d2f53f42b-LHR
Connection
keep-alive
Content-Type
text/html
Date
Thu, 22 Sep 2022 11:49:32 GMT
Location
https://www.capital.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccHelNB9TR1kXwnyAJvGGcRC2KQePHpCTRVDBHXPGRS1kqerjldTfGB5wOeEDE16dywNNNkr2Clft4C0mGgysFdRUD%2F6mHOrIhoGW91oVcNgaIxNoXDpNbwaeHZpsh0h%2BkwoBbD%2FA6lb"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
client.js
cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
f72c00b15f5e8de9e6d3b0ce7cb5844461b95b80b2765684e8251674898602e7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:05:51 GMT
server
nginx
etag
W/"61fa496f-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:54:36 GMT
cache-control
max-age=10
x-proxy-cache
REVALIDATED
optimized.css
www.capital.ua/assets/ 		126 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/assets/optimized.css?1554978132
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9260505cb5526e66a90f881f03937ac90713ccd18b2e8ff87d1675b388aea8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2019 10:22:12 GMT
server
cloudflare
age
80061
etag
W/"5caf1554-1f799"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8GDSYEsrQmnQollVrOFoIJAsgCL0rhDBycv0PyyM%2BV%2Fb3uwDKw3w5gBsBezmXLFjalI0CSGgh3xZ7469F8iBREPAqKgfcaKkWzU5J%2FkL%2FGLfkRAgwG13I7e%2FQEpbO4ksWPUxvMLbBUK8apJdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f6fdc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 18:09:59 GMT
optimized.js
www.capital.ua/assets/ 		510 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/assets/optimized.js?1554978132
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db54105fde6a0d05b0128e79b9cb1f62c03f6b1ad56f2f3d4c276b502b89e58a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2019 10:22:12 GMT
server
cloudflare
age
80061
etag
W/"5caf1554-7f692"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMEcTIKWp26v1k8%2Bl95FeRWBvfyFLQwh%2Bf9ONwIOXl4U9c7SXv0cOJrfDIyjouxi8GYMiflsXq0ErudkGWQPF7tuMndcpyGNCGBM6ZBMo%2BXTN0Ifq3ww3lmtavvsjNSji8LUwykQGbc3mwNqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f71dc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 20:49:04 GMT
adriver.core.2.js
www.capital.ua/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/js/adriver.core.2.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b510daf4a269c50ee4669c06f25d6b141676acfd21d3faa9663a19e96ac2cf01

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
age
80061
etag
W/"5b4f39f7-1719"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHAy%2BujNxHttVFUvxSgRoSHzDrzT1UX58P4esaSeKIFv8w0P0vS%2BoEQsaRfjo5Pvhg4EIpM%2FnrPLwqUM7kvCjhZit%2BoRpRo%2FEfbR0kFp2KXlvGlGCTHBE5eK5q4g42B9QjqkQk9xKopTDjiLqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f74dc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 17:09:47 GMT
highstock.js
www.capital.ua/js/highstock/ 		167 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/js/highstock/highstock.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
350bced20d8c9ed3eccbc0b344aad8e292f6eef92752334683228761a257ac0f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
age
80061
etag
W/"5b4f39f7-29ce4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSVMVzqg26lKz7ypJeNoaw3b2zdLi4h2Pj3Nx3LJ1vF9fHQ0Ca0HyJ9%2FOc6tHjYemMs2lzD98EP4ctWoozQxlNKRM4ZJ0xyTWSm2NFBRIGyRxvDdxCxZ8W%2FTXUrh99ueyTiTZZNMpp0Qo4iY6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f76dc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Sep 2022 10:44:40 GMT
highstock_options.js
www.capital.ua/js/highstock/ 		632 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/js/highstock/highstock_options.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a5cf1105d60aeb4bd2e6420554aecd6321e547a557a60adaefa03a482bdb1c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
age
80061
etag
W/"5b4f39f7-278"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8mZyh%2FunRkVutf%2FH5j1WfJTykypLcdWejhIC6ylHzIUb629%2FlBptpd2LjZ5iGwkuiY94u4yDI%2F6P0cpQXqfkTsn4PfNz4qoG52ZanR5OER9kE5pcqu%2FRCyO2UAEwf2NMXsirzYLb9q8vma%2F0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f77dc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 16:48:27 GMT
exporting.js
www.capital.ua/js/highstock/modules/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/js/highstock/modules/exporting.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d32f16a8513989400a9e3311f0c1cd68bcada10f0b280c4349a8e067e144abf2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
age
80061
etag
W/"5b4f39f7-1bb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SAJZaxkdYTwyF5aw1XdiCdenSr9bFHwVYippR95%2FmMt%2Fk54N0Ym5Nb2JSXnKtH3TW6ceyMQWFcL4T7hxyLAjS8iu%2FBeQ%2BG5NPIoLfFzI78dcMa8gWezEAsW22dSv%2ByMZEUYgE8TOTECdUvZvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f78dc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Sep 2022 13:30:17 GMT
charts.js
www.capital.ua/js/highstock/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/js/highstock/charts.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6247f7daed995cfb08f37d0007fad0cb1d63ef1b2de5cecf9c0ab86d85a5d65a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
age
80061
etag
W/"5b4f39f7-9e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaZusuR2chnNBukc1NDyTJmOUKXWUv63a0NaBIxu%2FJOW0Af%2Fs6nfDPV4L3elAwpKMP2qGPXb7OxxS7TV%2FMkqbI7IoxsR%2BEQRqjj2%2BIsXamW4ijijCdlQnDJvZg4mqQcmS4MH2ghv7e1fAGFe0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead15f3f7adc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 21 Sep 2022 16:48:27 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9972e3e84a2e91b5d6fe48367badd742d054829303a42ef77d4f09fd5ed4d0b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27809
x-xss-protection
0
server
sffe
etag
"1341 / 147 of 1000 / last-modified: 1663845016"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Sep 2022 11:49:32 GMT
press_release_counter.php
www.capital.ua/ 		0
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/press_release_counter.php
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTd9erZUFeq%2FbXjpO6PnfbK%2FpklNuyHSSCJ9rzb%2BCGtOcwq5KNA3sMuDcBMw38aSHVhdR68VJPJFswBScuc1KRMTiZvNtmcw0U0XA1gjluJfWqZ7s0aGlF8Vjilq4Yuhv%2FtEvO4WdM%2Fk0jMcmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
74ead15f3f7bdc9f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
logo.png
www.capital.ua/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/logo.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6022b9877bec4a03206412f11da47ccd5529399b152f41b9c7f0f3a0368e32f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-1961"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6RV%2FZ3gkc394TdTFiIzsvBwK30Ht42QQrST8u0EbwnQW09J5oFR8CD595%2B5dEyR5Ny%2F08rnn8jp2gE5AoqimKZP%2BFQ3M2i0OdHBCswHzT7DLO71F5unonOaczUi5e5pLoNa4z9jLHZ8Ng904w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ce276e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6497
expires
Thu, 22 Sep 2022 17:20:22 GMT
e6cd6960111b8278452598a5e263d7ecae691979.jpg
www.capital.ua/uploads/news/2022/08/30/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/uploads/news/2022/08/30/e6cd6960111b8278452598a5e263d7ecae691979.jpg
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0cf09bd9f43169d5c8293631fc8c1a507f227a1ccd0f688d68e1334d5fcef8f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
167604
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10877
last-modified
Tue, 30 Aug 2022 14:30:21 GMT
server
cloudflare
etag
"630e1efd-2a7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSBTN7PAo8cCrPiXSrEy8sm4G5v8QNiqWu5mCilBDDeTjdW1tHu2tRHMCqThoPQnCDrmu986jvps4dpttSNXwsOuUQkfyf8dIi16ccRIRfSUfcvW6fmv9UdJHYoEv2pCBMWbsm7ivv7Y%2BaK%2BcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
74ead1606ce376e4-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
0a972646f4fa63e0de69f5ae6257a75affe5aba1.jpg
www.capital.ua/uploads/news/2022/09/22/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/uploads/news/2022/09/22/0a972646f4fa63e0de69f5ae6257a75affe5aba1.jpg
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ae76b693c9ae3d90eb97c87446852889c49a979eb8014e97cf9c3a9dcb8a3ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 11:47:30 GMT
server
cloudflare
etag
"632c4b52-1ff4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uxrcda55pyuEi04LKrreQqFrqzNJsTO5RgtEZiaoPmqKomQlbPGTNOjCNuIceIqHrmBbyKtyrDdx9FG3aUyCKJh2F46nlDPjDx3WZxoA1w0mkExbhH8H4%2F3cVtTvoNAZylaD8vJDD%2FGeIBLUlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ce476e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8180
expires
Thu, 31 Dec 2037 23:55:55 GMT
1-2
www.capital.ua/ru/banner/1/ 		258 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/ru/banner/1/1-2?t=1663847362
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b39ecfb0a69c9b8b145596dc63355850353298908699a12b44cb343285d18c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNaSeiUAKgqRo5vPU8f7x5Bdou0RG8Gdgcj5dbBjj3q1O0kkjVkytQUs74cP8SKlAZxiYB%2FOTZ6p6tTR3PEoFRM9q38MRyyyfhC2tp5KGcg047l%2Fip4DUVeNpemx6vGNQXPhRPGLfXN1CV42Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cf-ray
74ead1602c6f76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 22 Sep 2022 11:49:32 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"40c22a9ccbd70870"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 11:49:32 GMT
capital_small.png
www.capital.ua/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/capital_small.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071e2b1d9a2b097b02637097cf21b804874be907bb233c0d2da7ac9e60dc7d95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-4b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amZCknCGptC0U7PhBjSqeRGgZbLZvwI3IcvqK1dJVZpeIta%2FMEHoZQbtwLygpq72K53ktxsE6JQ19tn%2FlIdaLTxxd110OFo3MI8trlvuua1DVycrWBBANLjRIkgI3C9TqXROdEGMzIJ%2FoTT%2BEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ce576e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19208
expires
Thu, 22 Sep 2022 15:51:13 GMT
ftico.gif
www.capital.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/ftico.gif
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c22238b94a54738b7abd0a017c2aa6a4edba9f4c18cf6192a6953bd753c07a9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-5a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMTemXrxU0V3lfgoPzFdFmWAwUecNNZaCQNo6Ott9yU4JNOtpysBj932g9VJixzu8hz6rrEN8%2BUsxl5d1%2FVr%2B3We8jmQwea7yzQjCIh0aN8kvIJmcwaqjRbJrhOa6uCIH%2BkOvUHE02sX5ucSMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ce676e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1447
expires
Thu, 22 Sep 2022 17:26:31 GMT
adv_ico.gif
www.capital.ua/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/adv_ico.gif
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511a0d1515cd71096dd0a3043120145478906f49a659403c4863820559499fc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-8d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw%2Bp9ZLccNzCEoFrtb3QgZwrX9qnd3fLRrwwTInc1Uc4rGDu6n5T821RtfRDgsV5WhLbMWyj%2FRWfAuaMhsudqkH2GndBlXtFq3QsUmu4xC%2B7PXF25Ip1KU6dYCDmetEn65UeAK4KRTPWVt7tiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ce776e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2264
expires
Thu, 22 Sep 2022 17:16:21 GMT
email-decode.min.js
www.capital.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 14:16:51 GMT
server
cloudflare
etag
W/"6329cb53-4d7"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxt9Dh8%2BYwDhIPjf4GPCyv7RyYi0IOFZmcgwo%2Facgnq3tO0CVHIimwsnuYmYmnEY2jwVa0L%2BjE8ZJi%2FWrkMT9oacs4D5LAbubys951ISVStbWy%2FxAu6Bl8Nhzqa%2BMiqKv3LiMMsPKrUBmBDqRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead1606cde76e4-LHR
vary
Accept-Encoding
expires
Sat, 24 Sep 2022 11:49:32 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17403
x-xss-protection
0
server
cafe
etag
17680024240845530123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 11:49:33 GMT
ti.js
tcr.tynt.com/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tcr.tynt.com/ti.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4917a5290466244353dc49caa11b14916816e7523850ff103fabb5484222e0a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 14:57:10 GMT
server
cloudflare
age
247656
etag
W/"62d96946-b4ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
74ead1624825889b-LHR
expires
Sun, 25 Sep 2022 11:49:33 GMT
print.css
www.capital.ua/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/css/print.css
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7284d318cd4fe11463345aacc2c056edde135c6c7e6f52a74bfcbd4b0a005b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
age
49564
etag
W/"5b4f39f7-1826"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvsz37h%2BPfSAcAcgTpIgI4WeyRozsaR8fXjpq2WpvXsnMd4UcjAGLDGpE%2FfzjRqTUlgZpCspgVwWY5BdJsat5fTZCyISnKydW74f%2FEuaGPU0rgN9JOjtkZ9s2Q9HhjEjUnTDo%2F2eKbbMv9hvYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead1606ce976e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Sep 2022 17:35:46 GMT
autoUpdate.adriver.js
content.adriver.ru/plugins/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/js/adriver.core.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.36 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
last-modified
Tue, 13 Sep 2022 14:07:51 GMT
server
nginx
etag
"63208eb7-1455"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
5205
expires
Thu, 22 Sep 2022 12:49:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
4920
date
Thu, 22 Sep 2022 10:27:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 22 Sep 2022 12:27:33 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7b83885ca41fc256ac7ca893538c781f1f1b89a0a88e6f86646149533e42d5f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CcADrWbZviGzpIc+n8JrIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2166
x-fb-rlafr
0
x-fb-debug
iSgE0hJ7i2a63wAOWOyVd6sdEuLyKoOw5Ts850t1GcHYFQYgSX+3ulcgPcu32X896NAXyCrtxKtuFYL3shsE0A==
x-fb-trip-id
720026100
x-fb-content-md5
2d6f50f269c527e67455daa6a137c60d
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 11:49:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4ebd083a76ed326201d3f8993ece9ba6"
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:01:06 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1dc6f5f8a855855a974c5b7c1e5734df987029d6690d288d1c6a0828f2b9b406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+LdJT1KOqHwN8iMvAAhK0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
Fq9Im/rZ34gduXegANbhPpTtr7Cu6uXuOAGkHbVpT5lnVPwybb3xw/x7WbGcf8dZE3nXmhDho0pF4G+CVTLVtg==
x-fb-trip-id
720026100
x-fb-content-md5
f5c26c100f0125d40948b331b0c0ef9c
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 11:49:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c9d475de5226bb62ddc6e16c347464fd"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 22 Sep 2022 12:07:13 GMT
pattern.jpg
www.capital.ua/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/pattern.jpg
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be66554323059a0abbfa9f331f06186ebc979027fe2c85f15ee79e4aa593b8b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-12d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhjgUO3yHRlyAgimfB89%2BRgChFWVlL5KhCBjprIPn6RC9VTYS13REUgwBlYuYbU5iJ3xs0WBSrGtlJ9yu9mT7oI9r8hRXS0aRC2LklVsLkMzvEmLWI%2B2nUlhVgDFbySpVRTiosubxDiw3l8O1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606cea76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4820
expires
Thu, 22 Sep 2022 18:12:03 GMT
apps_tabs.png
www.capital.ua/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/apps_tabs.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d75dc75cb106de2457bd8b4c6ec3bfcb6956ec5a71ae1d63bd3c04bca50d0c04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-1210"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wz70KDggV6sEp8XrRrOhog2xkTfml38TK%2B5f1h96QXbwoDWz2j%2BkKYR7H4eR9IPuOdc%2BDPqiBdN73JkL1l5N0OVdAmv0LNsTdo4Kd6myt9CjevIdsgqn8We7KNxefc53915c%2B%2BbNySR2UawiVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ceb76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4624
expires
Thu, 22 Sep 2022 20:04:31 GMT
header_shadow.png
www.capital.ua/images/ 		1019 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/header_shadow.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631c272f7f88a030ed11f904ab44f1015e8a2a04fe5a75af36dc0a098f29ca49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-3fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FSOLm%2BMBB0WL%2FLSYg15fqAH1gXNAgB1lY0iK0yEiRdV6flfHbEu9%2Bi4UfGXQIyaVbubPfTxeGIBLw%2FTCvKNMsponMDBm5yHzLe97PT%2FO42dILpDvUKnEkej4C9PeFR%2BSB%2B21kNWOj0Bq29AJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606cec76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1019
expires
Thu, 22 Sep 2022 16:58:57 GMT
src_ico.gif
www.capital.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/src_ico.gif
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3c04e9e7e6154c1ca2e831613a83c093486264c3f1e0353b3d0fb9e23129f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-4eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBIWA4hWym%2FFsBodOxtpnUyhogrmFoBag22%2FD9S6oKA1Q%2F7iEgLPUFXGannh2JaZ2L4INOq5%2Bs1VxQi9gbJhsneDYeZYiSr3iMrywOk94Q2blukQtwNsr5bsvyQZVA9l64DN5L75lQMyLcI98Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606ced76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1259
expires
Thu, 22 Sep 2022 20:10:42 GMT
ico.png
www.capital.ua/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/ico.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ddc44e3081c49237803054c042aaecc07bb19cd5881c1f331e7a1da9aa1ede

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-129f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKgsATq%2FIAL41UDi6%2BMNRXCYa1jCYTH7G5%2BXMretThNyIaaTBVKy3DVetqJ1ei7CHU299ALeoXRaqOfCYRdqe1oMuCbpjLvTLb6kbXsQ8%2F9kTJIZ9j5mysD5%2F15VnxWUqUAaWHVqLugz%2F9XZHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606cef76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4767
expires
Thu, 22 Sep 2022 20:04:31 GMT
capital_subscribe.png
www.capital.ua/images/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/capital_subscribe.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83f16828bd83d0d23827633f90ff31b26ce65269772607912ae09f6c69ec9f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-12c1c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6KreKquy%2F6CcouqoBIIWgivQHGQCVEtG4yLS8SPVVYACnwzy4MIhDHijIrfKqy%2B74ldx9gUCSvkJSj4ZtdYwdjZZRBPJd4pwkm4980z%2BjSHWZRCMjydMGfCuERZczocjxHd0z7OlNqw6XRPww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606cf076e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76828
expires
Thu, 22 Sep 2022 17:26:26 GMT
line_sep.gif
www.capital.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/line_sep.gif
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bca3d7095cfd66495e1ab002c3f29c473e8937598bb6587c9837b08eaa586e6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-448"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIhRgdBbemLtRsK%2FrRbayyofzZJceqvavx0DQbgy9D9VU6tC0cPQ5voCt01FDo97VPwz3HpG%2BDjoIIgoDmaD011%2Fmhk9v8MKGOXm%2BRZux52ukrs2H2icmkYPsp3WvKpjSISqGIbqjUAqFP%2BnBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1606cf276e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1096
expires
Thu, 22 Sep 2022 17:26:26 GMT
MoreWebPro-Bold.woff
www.capital.ua/font/ 		66 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.capital.ua/font/MoreWebPro-Bold.woff
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a0204474934112a6a39bedafb7614a689d6fec65a7423fa57fe5fd58369c6ac

Request headers

Referer
https://www.capital.ua/assets/optimized.css?1554978132
Origin
https://www.capital.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
W/"5b4f39f7-107cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE7lBDq3WB%2BvGbUYDzBPSZ9iAggxuQgx%2FPgKtCEw9aA%2F9St%2BwqclEG5nI7QpcbMePgcrEDE5gctF1vQRASexml89Q61WoVOAjIwCoBD3DI9EFbPd9i93DeDCo3%2F3ACUwpbxCKgdAxvYuBecBRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ead1606cf676e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 23 Sep 2022 04:50:37 GMT
configs
cdn.gravitec.net/sdk/web/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=bd0e7e8a17ae45c7c333dec9004ef332
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
ae9f8b2245fd6258201abe84a8d5f0800b0c96bbd5525cee109e4ca89741ebed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
x-correlation-id
55579d24bd31659d524d7c5d7b7a61e3
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
content-encoding
gzip
x-proxy-cache
MISS
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=667122436675876&ev=PixelInitialized&dl=https%3A%2F%2Fwww.capital.ua%2F&rl=&if=false&ts=1663847373060
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 22 Sep 2022 11:49:33 GMT
sdk.js
connect.facebook.net/en_US/ 		318 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e3cb0f77719cefb08b2517bafb5015ef
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9582fddcf573573833d07c893dcb98243a37e55c4ecd9659da5318c99480a4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.capital.ua/
Origin
https://www.capital.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/SY1VWBZA/sZtcgmL0twYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88799
x-fb-rlafr
0
x-fb-debug
4q2jF7uq8YL6a+n3vt5pbgu9kuweXrIVPgBL57sQJvRyFHH5wAeQp6C7tcnN4r6BVESgAyr2NEv7x8fQPE2uqg==
x-fb-content-md5
10ea0a23a4eea94b884d9bba969a64db
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 11:49:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"80d697011aa1aa72aa375d1ec39471ff"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Sep 2023 11:16:26 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 11:49:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
980
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Methods
GET
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29220
x-amzn-internal-status
304
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (frb/6762)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
x-tw-cdn
VZ
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
03.png
i.bigmir.net/cnt/
Redirect Chain
  • https://c.bigmir.net/?v16931254&s16932857&t3&c1&n992048&w0&y0&d24&r1600
  • https://i.bigmir.net/cnt/03.png
723 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/03.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
last-modified
Sun, 02 Oct 2005 23:04:59 GMT
server
nginx
etag
"4340679b-2d3"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
723
expires
Sun, 25 Sep 2022 11:49:33 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 11:49:33 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/03.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
pubads_impl_2022091901.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
sffe /
Resource Hash
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131339
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 10:52:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		90 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.capital.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
bbfedbec8c19e0e93646a74d2a83346d563db2821b2f0ae2c0bb5e43989612cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Thu, 22 Sep 2022 11:49:33 GMT
newspaper.png
www.capital.ua/images/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.capital.ua/images/newspaper.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a25e15288d627519dbd34574323769d168e086c381ef0221039701d5178d76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/assets/optimized.css?1554978132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
cf-cache-status
HIT
last-modified
Wed, 18 Jul 2018 13:00:39 GMT
server
cloudflare
etag
"5b4f39f7-10ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMqAy1usjFvtxmOBF4abqgM094767PoDXVsDMs1oth1HkP%2BcA%2FXI218Rez6Dcm96IyYP%2FWHKJiQowsJL791hXOFBNTjFju%2BPTfBZIDjQ4%2FBn%2BI0PvGa8yFrYTn%2FlARpCHYqsKiopn6S8Ev4%2BcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ead1620f8e76e4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68310
expires
Fri, 23 Sep 2022 11:21:13 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-41262090-1&cid=1209063104.1663847373&jid=1381104069&gjid=1039881743&_gid=1484555946.1663847373&_u=IGBAgAABAAAAAE~&z=2075464231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.capital.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Sep 2022 11:49:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.capital.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1745904624&t=pageview&_s=1&dl=https%3A%2F%2Fwww.capital.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=1381104069&gjid=1039881743&cid=1209063104.1663847373&tid=UA-41262090-1&_gid=1484555946.1663847373&z=1354819799
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 01:26:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37395
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
id.gravitec.net/ Frame F6E7 		621 B
696 B 		Document
General
Check archive.org
Download Go to
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=315360000 public
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 11:49:33 GMT
etag
W/"5e9485b6-26d"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
pragma
public
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
Abm0DAaq04b/ByC6AA
x-77-nzt-ray
HvJ6FQ7MIDI
x-77-pop
viennaAT
x-accel-expires
@1967009478
x-age
12197895
x-cache
HIT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/974279079/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/974279079/?random=1663847373157&cv=9&fst=1663847373157&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21f53085c3fccaff5bec767e848a931cd1578035907487d6dac2567cbb640d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1009
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96aec8c9f7981a987d0bacb3de756545e59a163f7fc94c47eea050b2f06316dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43528
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 08:45:24 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f08af001134142200d0ef8e41ecb0f6f8d91951208c13f9e207e78d8f928b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 12:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41753
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 12:57:03 GMT
subscribe_embed
www.youtube.com/ Frame 26D6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2de465aae7c12a3aa8371f4bc55a48edd179d222e6754a1013e58fcb8574ed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 22 Sep 2022 11:49:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
aY8v7MplSr47tmacwqm_6l.js
sc.tynt.com/script/sc/ 		72 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/aY8v7MplSr47tmacwqm_6l.js
Requested by
Host: tcr.tynt.com
URL: https://tcr.tynt.com/ti.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedd780f76a420cb35b50a5a67dd45a38504ea9d5cb8f659f0539a4b19c3c8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
49927
status
200 OK
x-xss-protection
1; mode=block
x-request-id
8171a8fb-dfb6-4330-b71c-c2285173498e
x-runtime
0.002337
x-content-digest
b60c39066cc74a425a897c870ec8ff2f30b9e758
last-modified
Wed, 21 Sep 2022 14:11:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400, public, s-maxage=172800
cf-ray
74ead162d91e889b-LHR
x-rack-cache
fresh
expires
Thu, 22 Sep 2022 21:22:20 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
0.bundle.js
cdn.gravitec.net/modules/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-2550"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:29 GMT
cache-control
max-age=10
x-proxy-cache
HIT
1.bundle.js
cdn.gravitec.net/modules/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-8092"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:29 GMT
cache-control
max-age=10
x-proxy-cache
HIT
widget_iframe.c4bdc17e77719578b594d5555bee90db.html
platform.twitter.com/widgets/ Frame 884D 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.capital.ua
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1868775
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Sep 2022 11:49:33 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 26D6 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 10:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Sep 2023 10:24:39 GMT
AMLnZu8pOJHsEl7LmdDr4k4y_Yp5y0neF9Mnh-TlzVEd=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 26D6 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu8pOJHsEl7LmdDr4k4y_Yp5y0neF9Mnh-TlzVEd=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
75aaec4b62fba6c84cb3c62422aaf9ac5daa12d8f6682f2e332d2a6ab24592d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:47:41 GMT
x-content-type-options
nosniff
age
3712
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1188
x-xss-protection
0
server
fife
etag
"v52"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 Jul 2022 04:25:48 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 26D6 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Sep 2023 08:45:40 GMT
settings
syndication.twitter.com/ Frame 884D 		771 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=6eebec769e2862e5d4b297b0cd39ac5834ada5d2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.capital.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
105
date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 11:49:33 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8e9e083ab4a3b779f5e210a86b3367d373aaa6e8f86fc32167b1c4915dc7d600
content-length
327
/
www.google.com/pagead/1p-user-list/974279079/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/974279079/?random=1663847373157&cv=9&fst=1663844400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&fmt=3&is_vtc=1&random=3597650787&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/974279079/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/974279079/?random=1663847373157&cv=9&fst=1663844400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&fmt=3&is_vtc=1&random=3597650787&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame C494 		566 B
902 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a202e70d4db97812b5fc72963c927bac431b7bff64c0bd47ece71ab6b21408d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KliwjKD1BvQsQSres21GbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KliwjKD1BvQsQSres21GbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 11:49:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
v2
de.tynt.com/deb/ 		4 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=aY8v7MplSr47tmacwqm_6l&dn=TI&cc=1&r=
Requested by
Host: tcr.tynt.com
URL: https://tcr.tynt.com/ti.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Fri, 23 Sep 2022 11:49:33 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1c8aa3edf7ab15c66ca1f99b1203d9d6262caa767542574a2b18d45b3bda48e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2819
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24266
x-xss-protection
0
server
cafe
etag
8726009137278784513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:02:34 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.capital.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.capital.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3031217078439693&correlator=2057707638521387&eid=31069718%2C31068883%2C31068366%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fifs&iu_parts=79855315%2Cpremium-300-250%2Cpremium-botton-300-250%2Carticle-botton%2Cpromo-933-46&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C468x60%2C933x46&ifi=1&adks=2673231228%2C465682209%2C1085093868%2C2660635015&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663847373594&lmt=1663847373&dlt=1663847372647&idt=917&adxs=1124%2C1124%2C-9%2C176&adys=328%2C667%2C-9%2C313&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.capital.ua%2F&rumc=3031217078439693&rume=1&frm=20&vis=1&psz=300x265%7C300x265%7C0x-1%7C932x46&msz=300x-1%7C300x-1%7C0x-1%7C932x-1&fws=0%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1209063104.1663847373&ga_sid=1663847374&ga_hid=1745904624&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
312d16737c730e755c0cd88abf2261a579fe39b66dcbc59bcb7c4bbf76fb1b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20005
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.capital.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F2F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:33 GMT
expires
Fri, 22 Sep 2023 11:49:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 26D6 		156 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:08:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
175290
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 20 Sep 2023 11:08:03 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cspreport
accounts.google.com/o/ Frame C494 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-gEe7ZwXPhR1T5_SXl2krDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:33 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-gEe7ZwXPhR1T5_SXl2krDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 26D6 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42573
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 08:45:50 GMT
1832714284-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame C494 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4294
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 02:09:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 10:14:47 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame C494 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5576
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 22 Sep 2022 11:49:33 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"57666e60922e2537"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 11:49:33 GMT
button.c6c95b9789db97ea1e9742d215fff751.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.c6c95b9789db97ea1e9742d215fff751.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
98b3ff3a8543eaee1f9946fde06f31cd9bb98f9e57cd431e0234db57c221334e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 11:49:33 GMT
Content-Encoding
gzip
Age
1868776
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2361
x-tw-cdn
VZ
Last-Modified
Wed, 31 Aug 2022 20:40:49 GMT
Server
ECS (frb/6762)
Etag
"3b5d132d3d3780b86a6d19d169faef45+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_2?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9430
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 08:45:54 GMT
follow_button.c4bdc17e77719578b594d5555bee90db.ru.html
platform.twitter.com/widgets/ Frame B85C 		41 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.c4bdc17e77719578b594d5555bee90db.ru.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
2fc3f5aa5ee0a21b0ac738fba1eac241ac924339e1794c6cec91619e34bc0664

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1868738
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
15491
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Sep 2022 11:49:33 GMT
Etag
"9401d80210da85e7b91759763d869510+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:52 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6762)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.capital.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1663847373784%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=6eebec769e2862e5d4b297b0cd39ac5834ada5d2
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
108
date
Thu, 22 Sep 2022 11:49:33 GMT
last-modified
Thu, 22 Sep 2022 11:49:33 GMT
server
tsa_f
vary
Origin
content-type
image/gif
cache-control
must-revalidate, max-age=600
x-connection-hash
8e9e083ab4a3b779f5e210a86b3367d373aaa6e8f86fc32167b1c4915dc7d600
strict-transport-security
max-age=631138519
content-length
43
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
subscribe_embed
www.youtube.com/ Frame D022 		601 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf18c2ed159735a06020cbb58043dd22bdfeb9e489db154495e58991ccdebcfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 22 Sep 2022 11:49:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:26:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
120208
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Sep 2023 02:26:05 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 08:08:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
99686
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Sep 2023 08:08:07 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:52:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
64626
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Sep 2023 17:52:27 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:42:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
238052
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Sep 2023 17:42:01 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:17:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
153112
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Sep 2023 17:17:41 GMT
truncated
/ Frame B85C 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:33 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame C494 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19063
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 08:31:53 GMT
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame D022 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Sep 2023 08:45:57 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame D022 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Sep 2023 08:45:57 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame D022 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42573
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 08:45:50 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1663847373257&dn=TI&iso=0
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
www.facebook.com/login/ Frame 2D2D
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=349712125128014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15c...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15c557aa116dc4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff340a5963a4f0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e3cb0f77719cefb08b2517bafb5015ef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 11:49:34 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
dMNyHNMi9UkbwsOILV55CK7+H0qtN1wJGRmYts62a/YYDnAcmvL68LzltoO1wmWDBU7LvIudyvFRgsNEn5Ahiw==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Thu, 22 Sep 2022 11:49:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15c557aa116dc4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff340a5963a4f0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
zcgbCqE48ecbx4wPyrh2o9dCfk8Lgn60rXzwxjTDp7w6bGTi/F8D4SFzcedyZO1NJCGKTmVp1B2TS7KIdHTdhA==
x-fb-rlafr
0
x-xss-protection
0
lato.woff2
cdn.gravitec.net/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/lato.woff2
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer
https://www.capital.ua/
Origin
https://www.capital.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-36dc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:28 GMT
cache-control
max-age=10
accept-ranges
bytes
content-length
14044
x-proxy-cache
HIT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca38f1b09b5080d4d706aeda131bb8785cb0c2b630b4d40821f7e1736dbf209a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11196
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.capital.ua&doc=complete&pg_h=1733&pg_w=1600&pg_hs=1733&c=3&aa_c=0&av_h=182&av_w=510.667&av_a=64290.667&s=16&all_s=16&b=750&all_b=750&d=0.315&all_d=0.315&ard=0.070&all_ard=0.070&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA3B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:33 GMT
expires
Fri, 22 Sep 2023 11:49:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0CE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:33 GMT
expires
Fri, 22 Sep 2023 11:49:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sourcesanspro.woff2
cdn.gravitec.net/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer
https://www.capital.ua/
Origin
https://www.capital.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-1e44"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 09:06:29 GMT
cache-control
max-age=10
accept-ranges
bytes
content-length
7748
x-proxy-cache
HIT
946939071.jpeg
cdn.gravitec.net/images/users/1649310270269423616/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gravitec.net/images/users/1649310270269423616/946939071.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
dcaf67aaced809a8a66e31ea3e7c0623de21c3a3509f3af9e70574bc9d420dce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 22 Sep 2022 11:49:34 GMT
last-modified
Mon, 04 Nov 2019 22:02:49 GMT
server
nginx
etag
"5dc0a009-e27"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3623
x-proxy-cache
HIT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5E13 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXi4DgJaxyyhTT9lnv2HqLfPrwwMrWgrofso_YV1iI7-0SDrS_LBcL4G7m0Jh3N0gJZN2JB6Tsvc0j30MfAHV21p1RZ5ctXYUZMyhVViM7EURmqqALulcLb2Bzxmt9NSR94CxE3nQBhefohVeX1g_4bLk3gtZ6VZohkizunrVkl4gyQKrc
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0CE5 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAFJ_y-vIUQDw6w6ZNBxUdaft_hY_ChW2L0uc7uFxP0E3YCppFi-FBptmV0lN845nzYvVx7a80xOQDs7XR3XJ9k4m9shzDCw0jp-sngnkJ3odU3U5dhuG5LWaLa_x2zFWy8VOAD5CX-AApX9XtiFpp30XiLj3-bjtcQJz09ZhmJ9avUCw&dbm_d=AKAmf-DFquy8oYmrKCecP1ohxBXdzrX_3BRMbCRGNefjCaidixvH5lVVsgTVIJ78QRswzLQ3JL3eN7HG8EnuYkosWQQFH7uhLncULB1rS4NvyrTJ0VDP1RMevTP1qyiB--qu8dpmHTyDvKq3o5OkWaXWaqqXUuRe3G8gTW4jAs2ajjxm-8JxvF_jYe9_sZJj23OKOBgtEmQIA2Z5SlTFXJOruu545PrEX2QsOaPX2kwMZwFSmblCDRvHQAt1IU00KfcgTNNsoJZ_IxjNi_z_jbdQ95HmZoa4-5CO16fMJ_X1cIjJ2H53Lrw3YjJRv7j1Uvvlr2drPrZHLY3nj8tbmg08movzfJSKs7_D-6Z7299HH3r5lNDm21esjN1HugpOjO7SUvpzjiSLFW3d7-Vkd8SCB4Vx5_r04H8-aio2G1BEs7pjAiObj8Ncb6eMBs6roipcZ1RWm5qf3ZRmtjukeyaMZ_YmuakyXeBWVzYj9F2y7NQqKevtfoxD23gaVqOB1xmTAn94UyrDF4EYHh2et8D_KzaG7MUCXwmMg6BLxr-SRRuiVNyJ_Qq2zQErEwBU0xyZX1hZCHKeHF51BiNwarZS1cUTVs51_LakVjnmly_S2oZb343yHTA3ZS0TXgvFnQiTzxXMkgEJfjQB6DHaLEbXAqXe9widFux-kPrpMxsNBZrG_AZtP7JsWPAjq1AtdOKNQcvMxDwtI9cbE9fwofPGONpKYxTUkkbPX666TroNzA2If2RlhokgKkA_ixGygwiZKKmH8X8ONqETV7LRPWzRIC_3j23hb7_0rtGzF5ZbFqBOaL71SPM8X6YNWmpbpk7nqyHJfPzp_Bge3_e7cPnc_KnMK-Zhm1h1dQOQkBXQGX78ekSZuKjsbpxmPYWW3Cm6_jHv3oCRAeQT8897KW2SpprloP4FvkuHgCef2VZp_Ae18fiXsNKyDM8MhafVR-Hv9PbuYsIkqipXSlrnQbDUSazPTYvRcxtmwm4UkHq2zmwZ_qqYrK8ZYyvgWJ_O244x_XVpph0J1OcAHrdZa8anCEnADqzEPl5NAfYTJ3jkoH438Iwgz2bPv5GpNdHM1lb4TTbI3j0IS-Pk9HfRSh74lT6hNZK5DyQLJqs98HE6dG1NvLUI0Cg9aXWrKQEY96lb6T0dJKj2_Pkuv5_VN_XSJSTfGkFlCcdoNaECwWZVE5NYg3nd5y-h1fWD4pEPxLGl2MPE1YCH4cDBjxx7FUFE67PukFuZOoGHy8OpkB6wMXagaSYeeaBz3DU0BEB6PJXV4GjflYesTot3ftwIMjs_0nNpx8cPwZtefFE_pjnObkhripewPFwQ3BXnwoLr8kfrxHC0Dk5eH6lt9eqTDjfVxWQNv7EwwdwD2wsndZP8NsUc7UVQPlCGtd7taAwKaX28DeQjzKkqUSXW53FFP_GKXNkQPCIXT6gGN6_FuZ_bCwrv3RHwjEaNCzZ1EqfnNFpRhZ1Ud3jtZMoanjJlQwXQhBg7KvK9EgHjXFIC7fzGmfMLF5XDHTb4UlYtq3aJsE4XkwLQHW2ZHUxUfyAdWAIVzZLG35PC1AhNjR9Az_HA2ua56mv7JvJ8cl-YdShPwyt0x7GSBHupDNlevkVl4a5lc-8q4IVzZCrfoIbV83qH3GhZ7xYQweHIPH1C_dfAnotoYYv3yfXnXXHN_W7Z5TMxGSOBHl31QJWpYiBmuZueIwle7Cs_81IwfP3vlkwzRnvLW3XuUCByak9xW3cPCgJ-OXtqyKumuu9MPoX9aNfpDQiqqGKsr4vQWjf2Go5pL1zcusKihpbcRBOrkbVMMQlpABAWREKC8c9-gsZL9wDEe_IVLd7naUExaceG4taVIfA06C8rYgRdhvDrEC2LrRgS3JhABYbZ-hOodhOIefHH2-AgH49XfJBGg2EHN_Vsck-8HLnQhpv4Ysvdaiy2SIck3AWHV7kQwKciai59vpDeAQP2KUB7o9EH_OxFdZZdPKx-OevDG3cCJoF5mpd8jnIS7JD7r5Iw3rSpbxC_KMP-Otk070XUb6yTDzGq-uEkEjcKUk9Mbi-4d1xU2APOKghynSl53mp7aoDdDaLVz0ZTJCuO1ox4fMtk3mLn0oHWmqej9YTr9iIJFpuqdyuXarhLbDGZQhlj9Vtq7jfhmO-2OfP1FYnGDGzqvsNG-ugUsddAbH28P8BfcB0XL03nA9dhppWaPvzchcGsVjEZUdAzVptnBJBwc7pLXPcZ3RFYX17FTWGLO7pea732g4MIpYpz5KO5p9NopAIYy1LacJbfoiaQXvfUsxCHVyY9gWs5NyP1cth5l8lRwMYz_5P0Gz4IoBggcZvoChadu7ojeAr2pUQABOeYSyZTsczy6mNACOlDAC4f5Bl9okt29qVuQTd0dlVUjw12gwWNH3CCZb-S3Oi-1mtOj6mee0_X6jMGmbyZmVQswldvdin-cJGQsT-NUJHXWzah0r0RukCvmAmM7A81VS_AevZeeUYV9yiBlE_Fn_ZmAMt7hx30QWJ5tharJLo6Jo7gj5hczvB2zgWAwtighSc6cGVTKkDJo3NKOE7JIo6arAxorXFQllHE11xuFKuRHLTqehBCR622qrEmkyadPOQcu4d2Hu2mRVth6_nBAtKjt8oc_W2MrZkdn89h-8YW4p89tZMB7Q6ykuCtc-m9JerU4R0F4yNxRbsXQ346shVjSha7TpArq0ERmpB5VX9COeyFu6FrgboThQlpi-JJZFAXrD-aTnsrFfCRIu2wxJKsHCv9JUjuXuOcusGIeYgDTH2smGB38MSlAdsPAUKaOEmLHZxMgUhue4xcp_bAkyL1FGaL73hWq57v7PLErsZ-MB-gC_Syqn3Db3t_GCiDxl2pkrhDQISr7x8CMreCRu-aoovb7e7bfuizIJJYUKisRodf3rz3srCRsD2SFMgqvFl1fXJoFsbZvf3mJ3ZdA3ZSW9LTW2WuqQElRoJLVEv9NxQxw5Vqsr-2uJPEi5uXLx2U6DVKGf6B13bg4hSlkrDf1l_dBHokSHFRSY2rVO127vvFEWt96txpJ9mqJqnx4D3cAO3ZQsPoPCuQDytojv14Z2cVjbwqVqOSgT9V251pTTO5aeGYnMddPqBw5DshxCE1uBPHYOVF5UeGJi2wKQPj-Q8J&cid=CAASJORoWphtVZFX55i1Q8VhK5CmrqkW5r8sGZ90-hmh62L70g1vMA&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e1d7c34f3b311ed92a50bcae21fdf815cd7a9dc4491a9052f439deb903e8cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CE5 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4E8AFYFuV8LH2EBkT6yAKXa8Cblk12ez43NePWy9iW2vBh0CpFOcLzlaVFJzU4MzlpDnvdWhi_WWC6OnZ8t3CcGjol4jzslYqUFOWToz3ZApXeZs
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 0CE5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:06:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 0CE5 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 10:58:42 GMT
l
www.google.com/ads/measurement/ Frame 0CE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTc4VvdsR9PXhj09TwkLSI9M_YAnXIS4qBzHJeL_YtlRidYyKPFJgt6JeAGY3ZYKCgGYu6mI4pHw4CHR691ffiVMYfckA
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0CE5 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 11:49:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7690 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRCEr-fSAhi2kKrBATAB&v=APEucNWSRH9J053rPDUidZxqODlun_vtzkKR_cZxncKDkHfMl2jBetrtQVHWlcOwZe1LxiUek6QJMUfbx6O-uk_EYMAQSsoa8OPHaIvx72D0Ez-j8hxnCVu-28pDrowIXWPjvmVMuQ3byDOzSSrxeeHNozy2jRfKYS0R8OYxySJS68VdZ114Jr8
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EA3B 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ2jqMQiJYeqIat4bMrL1vgUQrMzRjGvPL8wzJR9NFN7MJVBg812rp5HmO2I4LuCM3UvCQCnxTJDR8RihIV_MD_DTJoQ&cry=1&dbm_d=AKAmf-C-D56gsncY529xmVLCsrsuShSsz6YcfF9HU3jZnlWtZg_farajn-lrPsHIBgR-5CsEFZZd7K9I2cEvsOTzjxUXLLVNMXDf-17pSmDdcm4A6awSBMgS1mfaCesVdtocUi6JFKsu9eFPUmnD5ELxpJ8NRxpibbJ-A6ZeD6TF6u7LRPPCkDtwQd8k9l8QU_bJF2TmEkQjo7o-Ofyd7Np0CuHU0c3Vj_ZP-7INhAnGD_hrqyyVobHjCI8wA1ThGjy8gUBLqpLNpiJssNz82MltyvFtIYh9b063Pt4LffBRncfLFAEGRig5SGOzyx6Llbsk1RI-EHVuc3OyAQsA7OeWeOVYH8gn6Sjl8-voHEnVq7xqMboNCp9DvgwY2QFVWhd4O75mKi0q0pdq5hALXxlkPO-1zHJ1AfzmB8D8-J8YxdX-lav0d8d15iMNfl4lxaINJi5qWBmkR3pdHTorcYRM1d3K2jAjcekqsc6PObL5U2uGdLwGg3NLpIskaHAjq2my3RxcvmrFkSpP9yy1LTAiA2KeJV9Bxhl436OHqS7D29DbjFliSpIccBhFVmLsI2YvFB2DFFvzsI19xbjNvlEUZtcCv0_7MKO6O8E_AMyO1qlLt0fJls7ZCX_1Clq3sl-6u4QgE4jYIGeuOTe0UC6A3iKoComoo4KkZDWB7ZI23Yihz3_okhM16uJ7HzNJvwaOavbLmW4NWu9t9aN9J7pXGWgrlN4rqGhB8FYO4ddu3FjmRewyZUleJQEA3YCjiMQKM3EE2DDtC-6VaNw4hHLyIBW15V0-VNJ6vZe0MIvm2Y6Xu4LUp0WBmp7QFWlYblniiHa_xMCXCXDrM6cOKebNus8TmhTtWYXMUjz-fngNuZQk_pvvZ_T7MlENCRcnKAUr3FvJZ-gxoqw0HBtWn17gB04U7RGItfk61-W4rVaYsOHyRAPvLo1lEDhyx5Zxp69AepUOfa2nNd1st3-dPQ_9R7xYN0BeuzyeHwfFwVw85GlmNzeRqSk2W3UDJPib1MHxahZm0XyA0r6GAM-o9jI9HYL0bOCIrd573qwhojtFgiT5QcskGRKGLsPzBkylaq0DRTa8fenPy0J-oQRJOkHNxjdAgafj6l1V7ZMf12UvFlYhh_txKRX0jvX28_mNwltRqlWSiGSrQ3aenitAz_HrBL_IlnciGwqnmMWpYxl9qmmawnnUpuQuR5Fjo8lXc8Lqa5wHS4md5I5y2DsPRq3syksIW3U_cJ3zms_ntfxufMH45nW3vbJRRwfPWz4tGTK2ffd-ArXzDIktsNdyifUP5ZQHoeEiTlHjhDSn0uRRcF4dazj7Af0ig5Sr7f2MttpdcpLDzg9u_FD9u-nY6bueHv02bpR7DOlGx0JF53l6YRoQIpWa_Vmxw7k-D5dluXam0_Vp2Sdc7tnIqgB2Y8ATks5mHklpx0tkOmrLfGAssKe0Wu7L4iTmuESqZ-OXVvXUVb1hhc-Sva64I9eT3u_p8IFWaZJ5xExPaTIjS3eomIObm61O0i9oeYYZa1TK5S5oot44fZq_m341WJuElwQOrnObuu5XP0aBEoOhhtt080e0AGD1IlWe0qU7t7VuZp--s7bFDcJ6BPy8OZPum66KLVZftCr5BkyLs-vn08V_5DnJSmbRGf5qkcW0QR8yaFt1VELm-joXaZ-a1tEkg2rAvaHS1ZIpmLUzoKk63iqX365CBe2zVErjdwW6MToGDjjhm-xQOW0mSmUDVSywtirlnFkMWU4cJgW4O87L5Vg1VNnJKDItnKdby7lTAV-WvlZDl62rJ_4jiJmQsRoANM2bQAMxobHtLW5eSI-QW6030QCFeZWStfq9ZLN1ApmXo9cZteV9TH-RkGp6H4wdqMh2N2IbpFdTNKi6Thh70NDKfii2churm07Ub24qkWYK1GOFCKMk9rNfHvjTHiEZnFAA8dUKmeiOIGpnlf8S9vu9QPCwB0X6AuQ9IG4Cyp2M5ziQUQLacnve3OSNfd3HcRBWDzcwshvggwq2UnpRwpdP--C1G4KZVtwQbGBw7iLlmKwQrvXc1dwHul2qGtNaYAdZlv5Mg6AVEL_scZ4q_NdPw2W_M2Tn4hvikxTJT61yMb5XAOhEItRhDh58wmt25bmHVlTzi3Ba6q7ZflMUQnvym1C0eafTrOojouXHUC7b15-qeY9jl7S9HgRBC4teXc1Z_SYhzkrTS1lMz7U2V70t_xnpmzJqrxIzLJ7IZtbYkmwiV_KTnRNUFxjaK-xAkUKUkXWOiMNpAohZ1TfJ5ilYVq1jcptFvaE6Jl75c_EsUyAWmRB6Hzcof34c_q9TRtNTlNuFSSs8h3m10o9iSUgE-LMJGqAqn5YSDttHkLBOa_djj3qByaguIkUJWrGWcTIhpDdDpPf7BO2-sJLbU7sfhGTAe_sjffwqulHF5DwH6TMvXWHk_XMT5N1xYTQy3nExXHYd6vnNvqE1IqNKl6dhzQVM2DB9OUXYurkyFnn05_TJu_4D60RLTS5LHslfNOQW3wX3bB0A6MNxu2opmxFImNDfhM9PpxoFJaybToWl3LDeuIALY9rEyEkb-Z510juGQN99R8fbKCqGA70ZVTLvk8DIgwaE7fer0tck1-lXHiXVmEsgMTR3_lGKVsrKU0Rj3x7xUUCSJVySUYFMkpVPxahR7uBaUtW5nhk5r2SJtiPUqjzJl1zWIb-f51lJYp2u5mFNXIhBmrjHDfTqQsezTOVgBznk22Z-RRlLaWI5Nzilpipom6_vvjroJwaMi5jTSmRXtGGNpDypJmnkcHaswanvrCUD51mmvSaTFmvj5BDEqtWQJWxSwIPEbjrXntiRAewvCZQzllHmm-RtEOMulCxdFsH86jzVswHcsCIEdtzmBuqThqnswe3eYOvCl0siz2_xhqmyPWbHVXEu2LVo_XHWJVXzAfXDf9Kv9LkFYEP9tGT7XHJqUDaAxP3PwbKsYGJw8KyGTPC31XP3DOI2lQzK4-NOpWdj_i5VA6NSldEpBxC6Lx_PqK1TB1MdPxe2vTN7S_JSWVcxDDzi37xfCa_xMxS1uOJrHMk6ux-PJGcZVteuxaLTSK50gdsg3otGYkcQe5Zwi3ClnCOudG9LCnErNmSnlXj-jcbMnPvYd-gWUNIvgyq8_s9unLeqlgc-haLL3hgn7h3jSkp54bl-Md49oFqrENdgGL9t5d6beir3wCYAsvf81-mbwVJhYI6WLubZT3-uh-DLOQQDfO3hHGJrgM8xrpFf6QnIQ-hxj0q75IUKxRMl&cid=CAASJORo8uuX2WReZoCgzfp34yIPBxxupQNif5TeTL4iIz3pKO7avA&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9767b15463e94e22f50f0f8e23670b0185f6257e48cd512fc962ea8a2c703f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34390
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA3B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A83Ufx8RiaXeesXx6JXsR2o5-sV2h5QJd_q1WM8eqICrnNqlOaO_8pX51l12Akg8rbeW4iObdRS5zgenL5X5BAkCnkOqNViuce283RTEnTQmAUb30
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame EA3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:06:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame EA3B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 10:58:42 GMT
l
www.google.com/ads/measurement/ Frame EA3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTO-QlcjINudBJ4386ja2vcpbXVtWd1olTCRHA_08SwOWWG6_CholJTOnUIkqMYscW3DaCaMEhNM6lEhn8EVXMdrMQY0w
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA3B 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 11:49:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 11:49:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D89C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:02:07 GMT
expires
Fri, 22 Sep 2023 11:02:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C50B 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
588a56638a8b444eeb671c67f0393e5afcbad5424cdb1bf62ba6628628766507
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D9gIbK9bjrLTJmpxlCipdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.capital.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-D9gIbK9bjrLTJmpxlCipdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:34 GMT
expires
Thu, 22 Sep 2022 11:49:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 7690
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRCEr-fSAhi2kKrBATAB&v=APEucNWSRH9J053rPDUidZxqODlun_vtzkKR_cZxncKDkHfMl2jBetrtQVHWlcOwZe1LxiUek6QJMUfbx6O-uk_EYMAQSsoa8OPHaIvx72D0Ez-j8hxnCVu-28pDrowIXWPjvmVMuQ3byDOzSSrxeeHNozy2jRfKYS0R8OYxySJS68VdZ114Jr8
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74ead16f89b4741f-LHR
pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nacLDn0CdnJWHURp%2BFgfMVEi2IUumHa19RFoRPuTrM%2F76npFZpOwRorV0BilEAjXfqISEuNtfLELGfgXZCS8JM2Zfai0X924SRdgF6AIe9ucgo0s4sFf%2BBIKr9m4aOLLGuAzdmrR%2FY25pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7690
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyxLz4Q13-iD6KIg3tsvdwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRCEr-fSAhi2kKrBATAB&v=APEucNWSRH9J053rPDUidZxqODlun_vtzkKR_cZxncKDkHfMl2jBetrtQVHWlcOwZe1LxiUek6QJMUfbx6O-uk_EYMAQSsoa8OPHaIvx72D0Ez-j8hxnCVu-28pDrowIXWPjvmVMuQ3byDOzSSrxeeHNozy2jRfKYS0R8OYxySJS68VdZ114Jr8
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74ead170cb68741f-LHR
pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnN9q2xLKG7LBFJKeNGzVlfyu6zaUoAST0%2FOkDF4aF3FXl9UvGo1IO%2B1kmRQjtnhRIv6j7G7eAjq9lgmRItIxGgEY9a73DJPUyXAXI6KfkwR176ebO4qmhfQ6UTu6ACZNuSZyQ6tLoldGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7690
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRCEr-fSAhi2kKrBATAB&v=APEucNWSRH9J053rPDUidZxqODlun_vtzkKR_cZxncKDkHfMl2jBetrtQVHWlcOwZe1LxiUek6QJMUfbx6O-uk_EYMAQSsoa8OPHaIvx72D0Ez-j8hxnCVu-28pDrowIXWPjvmVMuQ3byDOzSSrxeeHNozy2jRfKYS0R8OYxySJS68VdZ114Jr8
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 11:49:35 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
094fdff5-298c-4244-a886-d515be2b51cd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7690
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRCEr-fSAhi2kKrBATAB&v=APEucNWSRH9J053rPDUidZxqODlun_vtzkKR_cZxncKDkHfMl2jBetrtQVHWlcOwZe1LxiUek6QJMUfbx6O-uk_EYMAQSsoa8OPHaIvx72D0Ez-j8hxnCVu-28pDrowIXWPjvmVMuQ3byDOzSSrxeeHNozy2jRfKYS0R8OYxySJS68VdZ114Jr8
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 11:49:35 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a3e208c6-f695-4afb-9317-4cf178ecbddb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5E13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXi4DgJaxyyhTT9lnv2HqLfPrwwMrWgrofso_YV1iI7-0SDrS_LBcL4G7m0Jh3N0gJZN2JB6Tsvc0j30MfAHV21p1RZ5ctXYUZMyhVViM7EURmqqALulcLb2Bzxmt9NSR94CxE3nQBhefohVeX1g_4bLk3gtZ6VZohkizunrVkl4gyQKrc
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74ead16f89b2741f-LHR
pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jncpaxoM2Ch%2F2C3e0pt9lrd7A9b231OeV0YI295qcI8kKC72N2KnwiH84A6ZXyOQkjrkQzmkAxwp70S197Dh%2BIdLu7U0DTiWIYwFZfgKkAGscx4ppKwrV870q5yzGXMAd1g%2FHfcdsb9i4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5E13
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyxLz4Q13-iD6KIg3tsvdwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXi4DgJaxyyhTT9lnv2HqLfPrwwMrWgrofso_YV1iI7-0SDrS_LBcL4G7m0Jh3N0gJZN2JB6Tsvc0j30MfAHV21p1RZ5ctXYUZMyhVViM7EURmqqALulcLb2Bzxmt9NSR94CxE3nQBhefohVeX1g_4bLk3gtZ6VZohkizunrVkl4gyQKrc
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74ead170cb61741f-LHR
pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SheZJ%2FDlAaBRRGZgkVnTia4n60QQNteCJpeo%2F5ZThBlcyBlCndUeeabPuJxH8DDWxM1kizoCB6CVFMTJEcxPs69uDwQ3Ygu1haQCJceRUbfZ0rw70C7%2B%2Fqgv9QiIgTi2eUpQmQf5qIxIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqv8_lSd9jIgEuIIiH2eUY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5E13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXi4DgJaxyyhTT9lnv2HqLfPrwwMrWgrofso_YV1iI7-0SDrS_LBcL4G7m0Jh3N0gJZN2JB6Tsvc0j30MfAHV21p1RZ5ctXYUZMyhVViM7EURmqqALulcLb2Bzxmt9NSR94CxE3nQBhefohVeX1g_4bLk3gtZ6VZohkizunrVkl4gyQKrc
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 11:49:35 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9f25e4e-3fab-4332-ae7c-74ac3d1e0472
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPngYmPTFqQKebSYIjHN4V4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E13
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXi4DgJaxyyhTT9lnv2HqLfPrwwMrWgrofso_YV1iI7-0SDrS_LBcL4G7m0Jh3N0gJZN2JB6Tsvc0j30MfAHV21p1RZ5ctXYUZMyhVViM7EURmqqALulcLb2Bzxmt9NSR94CxE3nQBhefohVeX1g_4bLk3gtZ6VZohkizunrVkl4gyQKrc
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 11:49:35 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
32d4a307-d6c0-4b0e-92a5-04a007bf2d22
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAxNzQwNDQ5MjMwNjY0ODQ4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EA3B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Origin
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 11:21:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame EA3B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ2jqMQiJYeqIat4bMrL1vgUQrMzRjGvPL8wzJR9NFN7MJVBg812rp5HmO2I4LuCM3UvCQCnxTJDR8RihIV_MD_DTJoQ&cry=1&dbm_d=AKAmf-C-D56gsncY529xmVLCsrsuShSsz6YcfF9HU3jZnlWtZg_farajn-lrPsHIBgR-5CsEFZZd7K9I2cEvsOTzjxUXLLVNMXDf-17pSmDdcm4A6awSBMgS1mfaCesVdtocUi6JFKsu9eFPUmnD5ELxpJ8NRxpibbJ-A6ZeD6TF6u7LRPPCkDtwQd8k9l8QU_bJF2TmEkQjo7o-Ofyd7Np0CuHU0c3Vj_ZP-7INhAnGD_hrqyyVobHjCI8wA1ThGjy8gUBLqpLNpiJssNz82MltyvFtIYh9b063Pt4LffBRncfLFAEGRig5SGOzyx6Llbsk1RI-EHVuc3OyAQsA7OeWeOVYH8gn6Sjl8-voHEnVq7xqMboNCp9DvgwY2QFVWhd4O75mKi0q0pdq5hALXxlkPO-1zHJ1AfzmB8D8-J8YxdX-lav0d8d15iMNfl4lxaINJi5qWBmkR3pdHTorcYRM1d3K2jAjcekqsc6PObL5U2uGdLwGg3NLpIskaHAjq2my3RxcvmrFkSpP9yy1LTAiA2KeJV9Bxhl436OHqS7D29DbjFliSpIccBhFVmLsI2YvFB2DFFvzsI19xbjNvlEUZtcCv0_7MKO6O8E_AMyO1qlLt0fJls7ZCX_1Clq3sl-6u4QgE4jYIGeuOTe0UC6A3iKoComoo4KkZDWB7ZI23Yihz3_okhM16uJ7HzNJvwaOavbLmW4NWu9t9aN9J7pXGWgrlN4rqGhB8FYO4ddu3FjmRewyZUleJQEA3YCjiMQKM3EE2DDtC-6VaNw4hHLyIBW15V0-VNJ6vZe0MIvm2Y6Xu4LUp0WBmp7QFWlYblniiHa_xMCXCXDrM6cOKebNus8TmhTtWYXMUjz-fngNuZQk_pvvZ_T7MlENCRcnKAUr3FvJZ-gxoqw0HBtWn17gB04U7RGItfk61-W4rVaYsOHyRAPvLo1lEDhyx5Zxp69AepUOfa2nNd1st3-dPQ_9R7xYN0BeuzyeHwfFwVw85GlmNzeRqSk2W3UDJPib1MHxahZm0XyA0r6GAM-o9jI9HYL0bOCIrd573qwhojtFgiT5QcskGRKGLsPzBkylaq0DRTa8fenPy0J-oQRJOkHNxjdAgafj6l1V7ZMf12UvFlYhh_txKRX0jvX28_mNwltRqlWSiGSrQ3aenitAz_HrBL_IlnciGwqnmMWpYxl9qmmawnnUpuQuR5Fjo8lXc8Lqa5wHS4md5I5y2DsPRq3syksIW3U_cJ3zms_ntfxufMH45nW3vbJRRwfPWz4tGTK2ffd-ArXzDIktsNdyifUP5ZQHoeEiTlHjhDSn0uRRcF4dazj7Af0ig5Sr7f2MttpdcpLDzg9u_FD9u-nY6bueHv02bpR7DOlGx0JF53l6YRoQIpWa_Vmxw7k-D5dluXam0_Vp2Sdc7tnIqgB2Y8ATks5mHklpx0tkOmrLfGAssKe0Wu7L4iTmuESqZ-OXVvXUVb1hhc-Sva64I9eT3u_p8IFWaZJ5xExPaTIjS3eomIObm61O0i9oeYYZa1TK5S5oot44fZq_m341WJuElwQOrnObuu5XP0aBEoOhhtt080e0AGD1IlWe0qU7t7VuZp--s7bFDcJ6BPy8OZPum66KLVZftCr5BkyLs-vn08V_5DnJSmbRGf5qkcW0QR8yaFt1VELm-joXaZ-a1tEkg2rAvaHS1ZIpmLUzoKk63iqX365CBe2zVErjdwW6MToGDjjhm-xQOW0mSmUDVSywtirlnFkMWU4cJgW4O87L5Vg1VNnJKDItnKdby7lTAV-WvlZDl62rJ_4jiJmQsRoANM2bQAMxobHtLW5eSI-QW6030QCFeZWStfq9ZLN1ApmXo9cZteV9TH-RkGp6H4wdqMh2N2IbpFdTNKi6Thh70NDKfii2churm07Ub24qkWYK1GOFCKMk9rNfHvjTHiEZnFAA8dUKmeiOIGpnlf8S9vu9QPCwB0X6AuQ9IG4Cyp2M5ziQUQLacnve3OSNfd3HcRBWDzcwshvggwq2UnpRwpdP--C1G4KZVtwQbGBw7iLlmKwQrvXc1dwHul2qGtNaYAdZlv5Mg6AVEL_scZ4q_NdPw2W_M2Tn4hvikxTJT61yMb5XAOhEItRhDh58wmt25bmHVlTzi3Ba6q7ZflMUQnvym1C0eafTrOojouXHUC7b15-qeY9jl7S9HgRBC4teXc1Z_SYhzkrTS1lMz7U2V70t_xnpmzJqrxIzLJ7IZtbYkmwiV_KTnRNUFxjaK-xAkUKUkXWOiMNpAohZ1TfJ5ilYVq1jcptFvaE6Jl75c_EsUyAWmRB6Hzcof34c_q9TRtNTlNuFSSs8h3m10o9iSUgE-LMJGqAqn5YSDttHkLBOa_djj3qByaguIkUJWrGWcTIhpDdDpPf7BO2-sJLbU7sfhGTAe_sjffwqulHF5DwH6TMvXWHk_XMT5N1xYTQy3nExXHYd6vnNvqE1IqNKl6dhzQVM2DB9OUXYurkyFnn05_TJu_4D60RLTS5LHslfNOQW3wX3bB0A6MNxu2opmxFImNDfhM9PpxoFJaybToWl3LDeuIALY9rEyEkb-Z510juGQN99R8fbKCqGA70ZVTLvk8DIgwaE7fer0tck1-lXHiXVmEsgMTR3_lGKVsrKU0Rj3x7xUUCSJVySUYFMkpVPxahR7uBaUtW5nhk5r2SJtiPUqjzJl1zWIb-f51lJYp2u5mFNXIhBmrjHDfTqQsezTOVgBznk22Z-RRlLaWI5Nzilpipom6_vvjroJwaMi5jTSmRXtGGNpDypJmnkcHaswanvrCUD51mmvSaTFmvj5BDEqtWQJWxSwIPEbjrXntiRAewvCZQzllHmm-RtEOMulCxdFsH86jzVswHcsCIEdtzmBuqThqnswe3eYOvCl0siz2_xhqmyPWbHVXEu2LVo_XHWJVXzAfXDf9Kv9LkFYEP9tGT7XHJqUDaAxP3PwbKsYGJw8KyGTPC31XP3DOI2lQzK4-NOpWdj_i5VA6NSldEpBxC6Lx_PqK1TB1MdPxe2vTN7S_JSWVcxDDzi37xfCa_xMxS1uOJrHMk6ux-PJGcZVteuxaLTSK50gdsg3otGYkcQe5Zwi3ClnCOudG9LCnErNmSnlXj-jcbMnPvYd-gWUNIvgyq8_s9unLeqlgc-haLL3hgn7h3jSkp54bl-Md49oFqrENdgGL9t5d6beir3wCYAsvf81-mbwVJhYI6WLubZT3-uh-DLOQQDfO3hHGJrgM8xrpFf6QnIQ-hxj0q75IUKxRMl&cid=CAASJORo8uuX2WReZoCgzfp34yIPBxxupQNif5TeTL4iIz3pKO7avA&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:00:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame EA3B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ2jqMQiJYeqIat4bMrL1vgUQrMzRjGvPL8wzJR9NFN7MJVBg812rp5HmO2I4LuCM3UvCQCnxTJDR8RihIV_MD_DTJoQ&cry=1&dbm_d=AKAmf-C-D56gsncY529xmVLCsrsuShSsz6YcfF9HU3jZnlWtZg_farajn-lrPsHIBgR-5CsEFZZd7K9I2cEvsOTzjxUXLLVNMXDf-17pSmDdcm4A6awSBMgS1mfaCesVdtocUi6JFKsu9eFPUmnD5ELxpJ8NRxpibbJ-A6ZeD6TF6u7LRPPCkDtwQd8k9l8QU_bJF2TmEkQjo7o-Ofyd7Np0CuHU0c3Vj_ZP-7INhAnGD_hrqyyVobHjCI8wA1ThGjy8gUBLqpLNpiJssNz82MltyvFtIYh9b063Pt4LffBRncfLFAEGRig5SGOzyx6Llbsk1RI-EHVuc3OyAQsA7OeWeOVYH8gn6Sjl8-voHEnVq7xqMboNCp9DvgwY2QFVWhd4O75mKi0q0pdq5hALXxlkPO-1zHJ1AfzmB8D8-J8YxdX-lav0d8d15iMNfl4lxaINJi5qWBmkR3pdHTorcYRM1d3K2jAjcekqsc6PObL5U2uGdLwGg3NLpIskaHAjq2my3RxcvmrFkSpP9yy1LTAiA2KeJV9Bxhl436OHqS7D29DbjFliSpIccBhFVmLsI2YvFB2DFFvzsI19xbjNvlEUZtcCv0_7MKO6O8E_AMyO1qlLt0fJls7ZCX_1Clq3sl-6u4QgE4jYIGeuOTe0UC6A3iKoComoo4KkZDWB7ZI23Yihz3_okhM16uJ7HzNJvwaOavbLmW4NWu9t9aN9J7pXGWgrlN4rqGhB8FYO4ddu3FjmRewyZUleJQEA3YCjiMQKM3EE2DDtC-6VaNw4hHLyIBW15V0-VNJ6vZe0MIvm2Y6Xu4LUp0WBmp7QFWlYblniiHa_xMCXCXDrM6cOKebNus8TmhTtWYXMUjz-fngNuZQk_pvvZ_T7MlENCRcnKAUr3FvJZ-gxoqw0HBtWn17gB04U7RGItfk61-W4rVaYsOHyRAPvLo1lEDhyx5Zxp69AepUOfa2nNd1st3-dPQ_9R7xYN0BeuzyeHwfFwVw85GlmNzeRqSk2W3UDJPib1MHxahZm0XyA0r6GAM-o9jI9HYL0bOCIrd573qwhojtFgiT5QcskGRKGLsPzBkylaq0DRTa8fenPy0J-oQRJOkHNxjdAgafj6l1V7ZMf12UvFlYhh_txKRX0jvX28_mNwltRqlWSiGSrQ3aenitAz_HrBL_IlnciGwqnmMWpYxl9qmmawnnUpuQuR5Fjo8lXc8Lqa5wHS4md5I5y2DsPRq3syksIW3U_cJ3zms_ntfxufMH45nW3vbJRRwfPWz4tGTK2ffd-ArXzDIktsNdyifUP5ZQHoeEiTlHjhDSn0uRRcF4dazj7Af0ig5Sr7f2MttpdcpLDzg9u_FD9u-nY6bueHv02bpR7DOlGx0JF53l6YRoQIpWa_Vmxw7k-D5dluXam0_Vp2Sdc7tnIqgB2Y8ATks5mHklpx0tkOmrLfGAssKe0Wu7L4iTmuESqZ-OXVvXUVb1hhc-Sva64I9eT3u_p8IFWaZJ5xExPaTIjS3eomIObm61O0i9oeYYZa1TK5S5oot44fZq_m341WJuElwQOrnObuu5XP0aBEoOhhtt080e0AGD1IlWe0qU7t7VuZp--s7bFDcJ6BPy8OZPum66KLVZftCr5BkyLs-vn08V_5DnJSmbRGf5qkcW0QR8yaFt1VELm-joXaZ-a1tEkg2rAvaHS1ZIpmLUzoKk63iqX365CBe2zVErjdwW6MToGDjjhm-xQOW0mSmUDVSywtirlnFkMWU4cJgW4O87L5Vg1VNnJKDItnKdby7lTAV-WvlZDl62rJ_4jiJmQsRoANM2bQAMxobHtLW5eSI-QW6030QCFeZWStfq9ZLN1ApmXo9cZteV9TH-RkGp6H4wdqMh2N2IbpFdTNKi6Thh70NDKfii2churm07Ub24qkWYK1GOFCKMk9rNfHvjTHiEZnFAA8dUKmeiOIGpnlf8S9vu9QPCwB0X6AuQ9IG4Cyp2M5ziQUQLacnve3OSNfd3HcRBWDzcwshvggwq2UnpRwpdP--C1G4KZVtwQbGBw7iLlmKwQrvXc1dwHul2qGtNaYAdZlv5Mg6AVEL_scZ4q_NdPw2W_M2Tn4hvikxTJT61yMb5XAOhEItRhDh58wmt25bmHVlTzi3Ba6q7ZflMUQnvym1C0eafTrOojouXHUC7b15-qeY9jl7S9HgRBC4teXc1Z_SYhzkrTS1lMz7U2V70t_xnpmzJqrxIzLJ7IZtbYkmwiV_KTnRNUFxjaK-xAkUKUkXWOiMNpAohZ1TfJ5ilYVq1jcptFvaE6Jl75c_EsUyAWmRB6Hzcof34c_q9TRtNTlNuFSSs8h3m10o9iSUgE-LMJGqAqn5YSDttHkLBOa_djj3qByaguIkUJWrGWcTIhpDdDpPf7BO2-sJLbU7sfhGTAe_sjffwqulHF5DwH6TMvXWHk_XMT5N1xYTQy3nExXHYd6vnNvqE1IqNKl6dhzQVM2DB9OUXYurkyFnn05_TJu_4D60RLTS5LHslfNOQW3wX3bB0A6MNxu2opmxFImNDfhM9PpxoFJaybToWl3LDeuIALY9rEyEkb-Z510juGQN99R8fbKCqGA70ZVTLvk8DIgwaE7fer0tck1-lXHiXVmEsgMTR3_lGKVsrKU0Rj3x7xUUCSJVySUYFMkpVPxahR7uBaUtW5nhk5r2SJtiPUqjzJl1zWIb-f51lJYp2u5mFNXIhBmrjHDfTqQsezTOVgBznk22Z-RRlLaWI5Nzilpipom6_vvjroJwaMi5jTSmRXtGGNpDypJmnkcHaswanvrCUD51mmvSaTFmvj5BDEqtWQJWxSwIPEbjrXntiRAewvCZQzllHmm-RtEOMulCxdFsH86jzVswHcsCIEdtzmBuqThqnswe3eYOvCl0siz2_xhqmyPWbHVXEu2LVo_XHWJVXzAfXDf9Kv9LkFYEP9tGT7XHJqUDaAxP3PwbKsYGJw8KyGTPC31XP3DOI2lQzK4-NOpWdj_i5VA6NSldEpBxC6Lx_PqK1TB1MdPxe2vTN7S_JSWVcxDDzi37xfCa_xMxS1uOJrHMk6ux-PJGcZVteuxaLTSK50gdsg3otGYkcQe5Zwi3ClnCOudG9LCnErNmSnlXj-jcbMnPvYd-gWUNIvgyq8_s9unLeqlgc-haLL3hgn7h3jSkp54bl-Md49oFqrENdgGL9t5d6beir3wCYAsvf81-mbwVJhYI6WLubZT3-uh-DLOQQDfO3hHGJrgM8xrpFf6QnIQ-hxj0q75IUKxRMl&cid=CAASJORo8uuX2WReZoCgzfp34yIPBxxupQNif5TeTL4iIz3pKO7avA&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11738
x-xss-protection
0
server
cafe
etag
507854449507764401
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:47:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C50B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091901&jk=3031217078439693&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
skeleton.js
fw.adsafeprotected.com/rjss/st/1151929/65580770/ Frame 0CE5 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1151929/65580770/skeleton.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.77.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-77-239.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
40ad8c5ef02bb8e4bf7d881e53c8c8f6324a4abe64738215c4fbcbe9100e59ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0CE5 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Origin
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame 0CE5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAFJ_y-vIUQDw6w6ZNBxUdaft_hY_ChW2L0uc7uFxP0E3YCppFi-FBptmV0lN845nzYvVx7a80xOQDs7XR3XJ9k4m9shzDCw0jp-sngnkJ3odU3U5dhuG5LWaLa_x2zFWy8VOAD5CX-AApX9XtiFpp30XiLj3-bjtcQJz09ZhmJ9avUCw&dbm_d=AKAmf-DFquy8oYmrKCecP1ohxBXdzrX_3BRMbCRGNefjCaidixvH5lVVsgTVIJ78QRswzLQ3JL3eN7HG8EnuYkosWQQFH7uhLncULB1rS4NvyrTJ0VDP1RMevTP1qyiB--qu8dpmHTyDvKq3o5OkWaXWaqqXUuRe3G8gTW4jAs2ajjxm-8JxvF_jYe9_sZJj23OKOBgtEmQIA2Z5SlTFXJOruu545PrEX2QsOaPX2kwMZwFSmblCDRvHQAt1IU00KfcgTNNsoJZ_IxjNi_z_jbdQ95HmZoa4-5CO16fMJ_X1cIjJ2H53Lrw3YjJRv7j1Uvvlr2drPrZHLY3nj8tbmg08movzfJSKs7_D-6Z7299HH3r5lNDm21esjN1HugpOjO7SUvpzjiSLFW3d7-Vkd8SCB4Vx5_r04H8-aio2G1BEs7pjAiObj8Ncb6eMBs6roipcZ1RWm5qf3ZRmtjukeyaMZ_YmuakyXeBWVzYj9F2y7NQqKevtfoxD23gaVqOB1xmTAn94UyrDF4EYHh2et8D_KzaG7MUCXwmMg6BLxr-SRRuiVNyJ_Qq2zQErEwBU0xyZX1hZCHKeHF51BiNwarZS1cUTVs51_LakVjnmly_S2oZb343yHTA3ZS0TXgvFnQiTzxXMkgEJfjQB6DHaLEbXAqXe9widFux-kPrpMxsNBZrG_AZtP7JsWPAjq1AtdOKNQcvMxDwtI9cbE9fwofPGONpKYxTUkkbPX666TroNzA2If2RlhokgKkA_ixGygwiZKKmH8X8ONqETV7LRPWzRIC_3j23hb7_0rtGzF5ZbFqBOaL71SPM8X6YNWmpbpk7nqyHJfPzp_Bge3_e7cPnc_KnMK-Zhm1h1dQOQkBXQGX78ekSZuKjsbpxmPYWW3Cm6_jHv3oCRAeQT8897KW2SpprloP4FvkuHgCef2VZp_Ae18fiXsNKyDM8MhafVR-Hv9PbuYsIkqipXSlrnQbDUSazPTYvRcxtmwm4UkHq2zmwZ_qqYrK8ZYyvgWJ_O244x_XVpph0J1OcAHrdZa8anCEnADqzEPl5NAfYTJ3jkoH438Iwgz2bPv5GpNdHM1lb4TTbI3j0IS-Pk9HfRSh74lT6hNZK5DyQLJqs98HE6dG1NvLUI0Cg9aXWrKQEY96lb6T0dJKj2_Pkuv5_VN_XSJSTfGkFlCcdoNaECwWZVE5NYg3nd5y-h1fWD4pEPxLGl2MPE1YCH4cDBjxx7FUFE67PukFuZOoGHy8OpkB6wMXagaSYeeaBz3DU0BEB6PJXV4GjflYesTot3ftwIMjs_0nNpx8cPwZtefFE_pjnObkhripewPFwQ3BXnwoLr8kfrxHC0Dk5eH6lt9eqTDjfVxWQNv7EwwdwD2wsndZP8NsUc7UVQPlCGtd7taAwKaX28DeQjzKkqUSXW53FFP_GKXNkQPCIXT6gGN6_FuZ_bCwrv3RHwjEaNCzZ1EqfnNFpRhZ1Ud3jtZMoanjJlQwXQhBg7KvK9EgHjXFIC7fzGmfMLF5XDHTb4UlYtq3aJsE4XkwLQHW2ZHUxUfyAdWAIVzZLG35PC1AhNjR9Az_HA2ua56mv7JvJ8cl-YdShPwyt0x7GSBHupDNlevkVl4a5lc-8q4IVzZCrfoIbV83qH3GhZ7xYQweHIPH1C_dfAnotoYYv3yfXnXXHN_W7Z5TMxGSOBHl31QJWpYiBmuZueIwle7Cs_81IwfP3vlkwzRnvLW3XuUCByak9xW3cPCgJ-OXtqyKumuu9MPoX9aNfpDQiqqGKsr4vQWjf2Go5pL1zcusKihpbcRBOrkbVMMQlpABAWREKC8c9-gsZL9wDEe_IVLd7naUExaceG4taVIfA06C8rYgRdhvDrEC2LrRgS3JhABYbZ-hOodhOIefHH2-AgH49XfJBGg2EHN_Vsck-8HLnQhpv4Ysvdaiy2SIck3AWHV7kQwKciai59vpDeAQP2KUB7o9EH_OxFdZZdPKx-OevDG3cCJoF5mpd8jnIS7JD7r5Iw3rSpbxC_KMP-Otk070XUb6yTDzGq-uEkEjcKUk9Mbi-4d1xU2APOKghynSl53mp7aoDdDaLVz0ZTJCuO1ox4fMtk3mLn0oHWmqej9YTr9iIJFpuqdyuXarhLbDGZQhlj9Vtq7jfhmO-2OfP1FYnGDGzqvsNG-ugUsddAbH28P8BfcB0XL03nA9dhppWaPvzchcGsVjEZUdAzVptnBJBwc7pLXPcZ3RFYX17FTWGLO7pea732g4MIpYpz5KO5p9NopAIYy1LacJbfoiaQXvfUsxCHVyY9gWs5NyP1cth5l8lRwMYz_5P0Gz4IoBggcZvoChadu7ojeAr2pUQABOeYSyZTsczy6mNACOlDAC4f5Bl9okt29qVuQTd0dlVUjw12gwWNH3CCZb-S3Oi-1mtOj6mee0_X6jMGmbyZmVQswldvdin-cJGQsT-NUJHXWzah0r0RukCvmAmM7A81VS_AevZeeUYV9yiBlE_Fn_ZmAMt7hx30QWJ5tharJLo6Jo7gj5hczvB2zgWAwtighSc6cGVTKkDJo3NKOE7JIo6arAxorXFQllHE11xuFKuRHLTqehBCR622qrEmkyadPOQcu4d2Hu2mRVth6_nBAtKjt8oc_W2MrZkdn89h-8YW4p89tZMB7Q6ykuCtc-m9JerU4R0F4yNxRbsXQ346shVjSha7TpArq0ERmpB5VX9COeyFu6FrgboThQlpi-JJZFAXrD-aTnsrFfCRIu2wxJKsHCv9JUjuXuOcusGIeYgDTH2smGB38MSlAdsPAUKaOEmLHZxMgUhue4xcp_bAkyL1FGaL73hWq57v7PLErsZ-MB-gC_Syqn3Db3t_GCiDxl2pkrhDQISr7x8CMreCRu-aoovb7e7bfuizIJJYUKisRodf3rz3srCRsD2SFMgqvFl1fXJoFsbZvf3mJ3ZdA3ZSW9LTW2WuqQElRoJLVEv9NxQxw5Vqsr-2uJPEi5uXLx2U6DVKGf6B13bg4hSlkrDf1l_dBHokSHFRSY2rVO127vvFEWt96txpJ9mqJqnx4D3cAO3ZQsPoPCuQDytojv14Z2cVjbwqVqOSgT9V251pTTO5aeGYnMddPqBw5DshxCE1uBPHYOVF5UeGJi2wKQPj-Q8J&cid=CAASJORoWphtVZFX55i1Q8VhK5CmrqkW5r8sGZ90-hmh62L70g1vMA&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:00:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 0CE5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAFJ_y-vIUQDw6w6ZNBxUdaft_hY_ChW2L0uc7uFxP0E3YCppFi-FBptmV0lN845nzYvVx7a80xOQDs7XR3XJ9k4m9shzDCw0jp-sngnkJ3odU3U5dhuG5LWaLa_x2zFWy8VOAD5CX-AApX9XtiFpp30XiLj3-bjtcQJz09ZhmJ9avUCw&dbm_d=AKAmf-DFquy8oYmrKCecP1ohxBXdzrX_3BRMbCRGNefjCaidixvH5lVVsgTVIJ78QRswzLQ3JL3eN7HG8EnuYkosWQQFH7uhLncULB1rS4NvyrTJ0VDP1RMevTP1qyiB--qu8dpmHTyDvKq3o5OkWaXWaqqXUuRe3G8gTW4jAs2ajjxm-8JxvF_jYe9_sZJj23OKOBgtEmQIA2Z5SlTFXJOruu545PrEX2QsOaPX2kwMZwFSmblCDRvHQAt1IU00KfcgTNNsoJZ_IxjNi_z_jbdQ95HmZoa4-5CO16fMJ_X1cIjJ2H53Lrw3YjJRv7j1Uvvlr2drPrZHLY3nj8tbmg08movzfJSKs7_D-6Z7299HH3r5lNDm21esjN1HugpOjO7SUvpzjiSLFW3d7-Vkd8SCB4Vx5_r04H8-aio2G1BEs7pjAiObj8Ncb6eMBs6roipcZ1RWm5qf3ZRmtjukeyaMZ_YmuakyXeBWVzYj9F2y7NQqKevtfoxD23gaVqOB1xmTAn94UyrDF4EYHh2et8D_KzaG7MUCXwmMg6BLxr-SRRuiVNyJ_Qq2zQErEwBU0xyZX1hZCHKeHF51BiNwarZS1cUTVs51_LakVjnmly_S2oZb343yHTA3ZS0TXgvFnQiTzxXMkgEJfjQB6DHaLEbXAqXe9widFux-kPrpMxsNBZrG_AZtP7JsWPAjq1AtdOKNQcvMxDwtI9cbE9fwofPGONpKYxTUkkbPX666TroNzA2If2RlhokgKkA_ixGygwiZKKmH8X8ONqETV7LRPWzRIC_3j23hb7_0rtGzF5ZbFqBOaL71SPM8X6YNWmpbpk7nqyHJfPzp_Bge3_e7cPnc_KnMK-Zhm1h1dQOQkBXQGX78ekSZuKjsbpxmPYWW3Cm6_jHv3oCRAeQT8897KW2SpprloP4FvkuHgCef2VZp_Ae18fiXsNKyDM8MhafVR-Hv9PbuYsIkqipXSlrnQbDUSazPTYvRcxtmwm4UkHq2zmwZ_qqYrK8ZYyvgWJ_O244x_XVpph0J1OcAHrdZa8anCEnADqzEPl5NAfYTJ3jkoH438Iwgz2bPv5GpNdHM1lb4TTbI3j0IS-Pk9HfRSh74lT6hNZK5DyQLJqs98HE6dG1NvLUI0Cg9aXWrKQEY96lb6T0dJKj2_Pkuv5_VN_XSJSTfGkFlCcdoNaECwWZVE5NYg3nd5y-h1fWD4pEPxLGl2MPE1YCH4cDBjxx7FUFE67PukFuZOoGHy8OpkB6wMXagaSYeeaBz3DU0BEB6PJXV4GjflYesTot3ftwIMjs_0nNpx8cPwZtefFE_pjnObkhripewPFwQ3BXnwoLr8kfrxHC0Dk5eH6lt9eqTDjfVxWQNv7EwwdwD2wsndZP8NsUc7UVQPlCGtd7taAwKaX28DeQjzKkqUSXW53FFP_GKXNkQPCIXT6gGN6_FuZ_bCwrv3RHwjEaNCzZ1EqfnNFpRhZ1Ud3jtZMoanjJlQwXQhBg7KvK9EgHjXFIC7fzGmfMLF5XDHTb4UlYtq3aJsE4XkwLQHW2ZHUxUfyAdWAIVzZLG35PC1AhNjR9Az_HA2ua56mv7JvJ8cl-YdShPwyt0x7GSBHupDNlevkVl4a5lc-8q4IVzZCrfoIbV83qH3GhZ7xYQweHIPH1C_dfAnotoYYv3yfXnXXHN_W7Z5TMxGSOBHl31QJWpYiBmuZueIwle7Cs_81IwfP3vlkwzRnvLW3XuUCByak9xW3cPCgJ-OXtqyKumuu9MPoX9aNfpDQiqqGKsr4vQWjf2Go5pL1zcusKihpbcRBOrkbVMMQlpABAWREKC8c9-gsZL9wDEe_IVLd7naUExaceG4taVIfA06C8rYgRdhvDrEC2LrRgS3JhABYbZ-hOodhOIefHH2-AgH49XfJBGg2EHN_Vsck-8HLnQhpv4Ysvdaiy2SIck3AWHV7kQwKciai59vpDeAQP2KUB7o9EH_OxFdZZdPKx-OevDG3cCJoF5mpd8jnIS7JD7r5Iw3rSpbxC_KMP-Otk070XUb6yTDzGq-uEkEjcKUk9Mbi-4d1xU2APOKghynSl53mp7aoDdDaLVz0ZTJCuO1ox4fMtk3mLn0oHWmqej9YTr9iIJFpuqdyuXarhLbDGZQhlj9Vtq7jfhmO-2OfP1FYnGDGzqvsNG-ugUsddAbH28P8BfcB0XL03nA9dhppWaPvzchcGsVjEZUdAzVptnBJBwc7pLXPcZ3RFYX17FTWGLO7pea732g4MIpYpz5KO5p9NopAIYy1LacJbfoiaQXvfUsxCHVyY9gWs5NyP1cth5l8lRwMYz_5P0Gz4IoBggcZvoChadu7ojeAr2pUQABOeYSyZTsczy6mNACOlDAC4f5Bl9okt29qVuQTd0dlVUjw12gwWNH3CCZb-S3Oi-1mtOj6mee0_X6jMGmbyZmVQswldvdin-cJGQsT-NUJHXWzah0r0RukCvmAmM7A81VS_AevZeeUYV9yiBlE_Fn_ZmAMt7hx30QWJ5tharJLo6Jo7gj5hczvB2zgWAwtighSc6cGVTKkDJo3NKOE7JIo6arAxorXFQllHE11xuFKuRHLTqehBCR622qrEmkyadPOQcu4d2Hu2mRVth6_nBAtKjt8oc_W2MrZkdn89h-8YW4p89tZMB7Q6ykuCtc-m9JerU4R0F4yNxRbsXQ346shVjSha7TpArq0ERmpB5VX9COeyFu6FrgboThQlpi-JJZFAXrD-aTnsrFfCRIu2wxJKsHCv9JUjuXuOcusGIeYgDTH2smGB38MSlAdsPAUKaOEmLHZxMgUhue4xcp_bAkyL1FGaL73hWq57v7PLErsZ-MB-gC_Syqn3Db3t_GCiDxl2pkrhDQISr7x8CMreCRu-aoovb7e7bfuizIJJYUKisRodf3rz3srCRsD2SFMgqvFl1fXJoFsbZvf3mJ3ZdA3ZSW9LTW2WuqQElRoJLVEv9NxQxw5Vqsr-2uJPEi5uXLx2U6DVKGf6B13bg4hSlkrDf1l_dBHokSHFRSY2rVO127vvFEWt96txpJ9mqJqnx4D3cAO3ZQsPoPCuQDytojv14Z2cVjbwqVqOSgT9V251pTTO5aeGYnMddPqBw5DshxCE1uBPHYOVF5UeGJi2wKQPj-Q8J&cid=CAASJORoWphtVZFX55i1Q8VhK5CmrqkW5r8sGZ90-hmh62L70g1vMA&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11738
x-xss-protection
0
server
cafe
etag
507854449507764401
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:47:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA3B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:32:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 178F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
8770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EA3B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be96fe021186a4288a68a0d3b7c2a397316ab440635ae14f2acb65aa0673d11

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0CE5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 07:32:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D343 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
8770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0CE5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24bda171d07d0e8118595d01eed06ccf7e3bc06ad15bdd45b1659fe34be6b931

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2D61 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
188208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 07:32:47 GMT
expires
Wed, 20 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 178F 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBBmhjxb_EIpx-j9xwxDL4s&google_cver=1&google_push=AZmPxg_D1WwRLNDvyV-5NnumdyX8NxkQDbHmGBXQD_0h5ZBgroEVAyGaYqt_mSbd6lmWUdNjBC9k2NTuMF3IHck1IfGoXO3Lw1Sd
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 178F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKe1kYA_LOnXysFELxJljdQ&google_cver=1&google_push=AZmPxg-9KPVHau3V38RS0ilOH9rG_EzMiziQOvXGC8D0ULZWQyfzoMOGq1EHQnFEX5Z41EDVXB5Buv-6Kbr60mPMHtCiROrmHuJG
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-9KPVHau3V38RS0ilOH9rG_EzMiziQOvXGC8D0ULZWQyfzoMOGq1EHQnFEX5Z41EDVXB5Buv-6Kbr60mPMHtCiROrmHuJG&google_hm=Q0FFU0VLZTFrWUFfTE9uW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-9KPVHau3V38RS0ilOH9rG_EzMiziQOvXGC8D0ULZWQyfzoMOGq1EHQnFEX5Z41EDVXB5Buv-6Kbr60mPMHtCiROrmHuJG&google_hm=Q0FFU0VLZTFrWUFfTE9uWHlzRkVMeEpsamRR
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 11:49:35 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-9KPVHau3V38RS0ilOH9rG_EzMiziQOvXGC8D0ULZWQyfzoMOGq1EHQnFEX5Z41EDVXB5Buv-6Kbr60mPMHtCiROrmHuJG&google_hm=Q0FFU0VLZTFrWUFfTE9uWHlzRkVMeEpsamRR
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 178F
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg86vn83...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg86vn83...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMTQ5MzYwMDA3OTQwODc2ODY3OA%3D%3D&google_push=AZmPxg86vn831YeZe1eE5Xv0b2OmgdL6OZyXwkOx0Vc3twX3kxD2DIKnPWqpDB3WZhCbqt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMTQ5MzYwMDA3OTQwODc2ODY3OA%3D%3D&google_push=AZmPxg86vn831YeZe1eE5Xv0b2OmgdL6OZyXwkOx0Vc3twX3kxD2DIKnPWqpDB3WZhCbqtNdWaQZ7mYF8OU7ud-EhFb1PrGOUqya
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMTQ5MzYwMDA3OTQwODc2ODY3OA%3D%3D&google_push=AZmPxg86vn831YeZe1eE5Xv0b2OmgdL6OZyXwkOx0Vc3twX3kxD2DIKnPWqpDB3WZhCbqtNdWaQZ7mYF8OU7ud-EhFb1PrGOUqya
pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 22 Sep 2022 11:49:36 GMT
dds
rtb.openx.net/sync/ Frame 178F 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH968K3cpFXjaSLcR9lnug8&google_cver=1&google_push=AZmPxg9nu4OY8LyTk7UGaI9LFn8CToj1O7kmJkBnAKfCtoIZfQ1-jQQq09x1UA5y38gC3nI8KGYsPrnScaxiu1T9NkTX4hvnkBFS
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6usr8t4im23i23jo4a4j84p3v9losll0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 178F 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOztR1XZhzy1dQmabxR9xI8&google_cver=1&google_push=AZmPxg-lLaOv7Jp6tm-jvodUPQ3ja9IHwpe-WRkzcAuSLr8hmDNLBS2SyZSP8NtM98hhRic4wiZrlMIbVAgswSYXCaUqkvdPcWxN
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 178F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIN6p9hjv1FviYdv3VhsyAU&google_cver=1&google_push=AZmPxg_8pVn4jos5IkYw-Jf8s6H75p7TWiPa4OULUmKZgwJ854Blo2cIfYGYLLvJaZgCJDYKB1M...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJORzUtUy02NlRM&google_push=AZmPxg_8pVn4jos5IkYw-Jf8s6H75p7TWiPa4OULUmKZgwJ854Blo2cIfYGYLLvJaZgCJDYKB1MSwMPaTI5U4wiVp3bvTl7KFFiE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJORzUtUy02NlRM&google_push=AZmPxg_8pVn4jos5IkYw-Jf8s6H75p7TWiPa4OULUmKZgwJ854Blo2cIfYGYLLvJaZgCJDYKB1MSwMPaTI5U4wiVp3bvTl7KFFiE
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJORzUtUy02NlRM&google_push=AZmPxg_8pVn4jos5IkYw-Jf8s6H75p7TWiPa4OULUmKZgwJ854Blo2cIfYGYLLvJaZgCJDYKB1MSwMPaTI5U4wiVp3bvTl7KFFiE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 178F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg-11mQmGDklxxOkT2bQdv8dEKsLsKHf2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg-11mQmGDklxxOkT2bQdv8dEKsLsKHf24DU2SGoR_1uNXHujx6sc0YGWtUadM-2LEMPDK7O19Zj91hIqp5da_jGj6gWjGLN
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmrZ0p65%2Fo3nO7e4OHp0iSE1GMxtTiiY%2BK%2FWB3z63gx6CVIPHdduRT2n9cZdgulDL6iC0zTGCiCvHhjFJAzkG9kkR9XORX%2FbnrC8JEB7zkhJlNcNQq0F72k6raI7O6TVQ68Q7KI2%2BhpoYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg-11mQmGDklxxOkT2bQdv8dEKsLsKHf24DU2SGoR_1uNXHujx6sc0YGWtUadM-2LEMPDK7O19Zj91hIqp5da_jGj6gWjGLN
cache-control
no-cache
cf-ray
74ead17028318868-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 178F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdHQGSDjDBwLBF3mQ-55psMZR1NVMomGEhPG3DOFrE7WceE8evt-MsrYCB_GtH04QkxB2z
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
pagead2.googlesyndication.com/bg/ Frame D89C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16036
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:32:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3F63 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
188208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 07:32:47 GMT
expires
Wed, 20 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame D343 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBBmhjxb_EIpx-j9xwxDL4s&google_cver=1&google_push=AZmPxg_TsD2cSEtnAIUe8GDKD0M3Ati2kv4AtjqxfPpMEsiBmOjb8SKSp__ovQzjkUbnaZJGGedRuY4WtY4HlmZoTLigOKoYGIA
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame D343 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8LODz4OL4E7RYG0IZdvtLfp03moi6f6GxynRiKhC-oCrCjb5tw8HJy4Frs-BvvnKUmVEOtt6h20t8GKqSs6n3EUbWJoMU&google_gid=CAESEPahzENJJKOnbS0S6IeddB8&google_cver=1
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame D343 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH968K3cpFXjaSLcR9lnug8&google_cver=1&google_push=AZmPxg8iII346nJXenT55xEMvBHF_S9-UEprBBaxHoHq7bUVoZZMLT3rnHoboh-M6Kq3OE5BvyivSNZ4dXx_nCAgMvdfnXTXxfrn
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6h3uj229efiega6qmgj59u3kh47tfefl
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D343 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOztR1XZhzy1dQmabxR9xI8&google_cver=1&google_push=AZmPxg-O6oE0iw7tAjUtwfnxgebbWZlk-m4fDzs-EdbN0c2f9p7wzEVtoErUjEWHaK6DwjJDrBieUh2CkxODFpGOMBcGngJRVGI
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIN6p9hjv1FviYdv3VhsyAU&google_cver=1&google_push=AZmPxg_G7RDmIpMIPzSQ3kPFZJnvLOaQ3OGoRCNCF-CnNWF_TJ4b9TWgoC-hdc_i7QIbkFm3AcI...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJOR08tNS05UzFM&google_push=AZmPxg_G7RDmIpMIPzSQ3kPFZJnvLOaQ3OGoRCNCF-CnNWF_TJ4b9TWgoC-hdc_i7QIbkFm3AcI73TUw22A5DyiZbj2FF-t4b_5Z
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJOR08tNS05UzFM&google_push=AZmPxg_G7RDmIpMIPzSQ3kPFZJnvLOaQ3OGoRCNCF-CnNWF_TJ4b9TWgoC-hdc_i7QIbkFm3AcI73TUw22A5DyiZbj2FF-t4b_5Z
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhDWlJOR08tNS05UzFM&google_push=AZmPxg_G7RDmIpMIPzSQ3kPFZJnvLOaQ3OGoRCNCF-CnNWF_TJ4b9TWgoC-hdc_i7QIbkFm3AcI73TUw22A5DyiZbj2FF-t4b_5Z
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame D343
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg91Od353SmjjgeYuUrTi2iHmTw3mWGQ8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg91Od353SmjjgeYuUrTi2iHmTw3mWGQ8W6_tpznFHFFpqGB4r9ytO8FKpJI76mnbGvuX75ilbof1Wc794dpPFXTRPGgudai
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZULkfYa6N%2BTpe6CyriCbxWNb8q9AevyTlb7VDSSHWQIcIhNdZErQdeV52Q238lDaGLyenBroG9i%2FfOiN0n%2Bihtmkzlf3Q8ywp0UIimkUhUo9mimbCK2DcBzwZ0Ah%2FwUqViysiDVo4I1qA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfl-ZHcA7Zl03vq0foQAok&google_hm=YyxLz4Q13_iD6KIg3tsvdwAABMQAAAAB&google_nid=index&google_push=AZmPxg91Od353SmjjgeYuUrTi2iHmTw3mWGQ8W6_tpznFHFFpqGB4r9ytO8FKpJI76mnbGvuX75ilbof1Wc794dpPFXTRPGgudai
cache-control
no-cache
cf-ray
74ead17028358868-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame D343 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFDkNzWyuJ9K1wNgeaX-vco&google_cver=1&google_push=AZmPxg-dB-Mn7X6kMTRGIxzNh688Qc9zjD4gxcngAPMZ-wsO7MVgqrjBDzxAhHE0S6sYcRDB4ef5J2qO2gr2vwfweGTdBdnmcDae
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D343 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3WL2owTi5z4u3mZ6E27ZjO378YHOXSp_gI4gTHoszsGkEJTx20AeAuTJt8KBafyEceSuI
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
pagead2.googlesyndication.com/bg/ Frame 2D61 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16036
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:32:08 GMT
moatad.js
z.moatads.com/totalmediaukdcmdisplay715441700527/ Frame EA3B 		306 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/totalmediaukdcmdisplay715441700527/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2ea29173ab6d09c3d4c9b690df089412dc1297c3d7a2b68783e33318ec6517f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 18:36:27 GMT
server
AmazonS3
x-amz-request-id
MHNPVZ0MJNA3E2V0
etag
"8d1c7979aaa0b10099a20a50bb6184fd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61522
accept-ranges
bytes
content-length
106826
x-amz-id-2
9talzUloUI8QPZ7xY/O/1/z0YNLunxIsIGoElGzcAzVR9mQXv5MnHjDWDCc5QQ4J3IXl4AG/WGg=
index.html
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		87 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c30f37c2c87a205069f6b21740187a7cd9c1a01883e560836c0e8d2365a39a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
176736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
19804
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 10:43:59 GMT
expires
Wed, 20 Sep 2023 10:43:59 GMT
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA3B 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWK7848LEP6L2__yz-M41l6QnZeswII088DwZO5FW2I2u8rAljUf_EcUbm36-59arofnBgFBphpee8Ja4LGIO1fMWvMna23MrAVdtzZRJ2t5DK00qGeHRcJOlR0xulzHXylLkCUwgn-0869Cm5GMH0mpgCItfjfatHwniapv8QsjeW5aFJ5zC1iCEkVvwaz7rzj-npGQSWguQzT0gnMtqCoOaiLi5zgvuMGvAjb5soCUmrV8N7El8Q_o9z3tKSw_OUVyhPRibzd0Ew_WklPZvEhems6p7hRSZ3LAlaGq9qfbaK4B71dzt7iZJMSYPjlh43bq8pcj22cBzucsNofpGfS03Yzlz0dVNkka6KOm9CWolEest7En9sG28GXNwbwXDwVgksaNRncKpFHerd1B5o7Jd8kWYN8js_s0nlTEaolbx3VOpAHTGv2aqdaLM2XJNVJiPG-x-ramvBMYQAkhCUGfx6KgcXqeNqC-aZiBrydlR5Qmi-dYhlQ7vSDIMTDVSKmjoMJw5xjhOW_18e2B-Jr5QzGNihRd825KR0RLEJke_4NeGTQIuXPxjlk5uKAyIQjoU75GHS9lEdf-1nqbNsuv8vRHu7LhKmmMTxYv8l_DG21yzWaNLAWxERBUEsBRVfIww3gh8bqGQ4FjPkL2t-_UpI0OhhnwDTN2j83u1CwiMo6C7ch_6g7jVQw1qW_IVZCjGg198KNYZxA7Ty3NYh88zGPu5ag9xwSVauCK4daRq2ZdwLsA38jK8u_l78YtEi5G3HtzxJuIdUXWViIk27o3XC3TZlzIKENXRAZ6l9CudEovrErJ1chNcw1K8idqnw0cf6evT1aZhNwT4vegVTdninT1PWcA1EPYjqdF54h8LRJ_LCqgOd4iln0SC0uUOkWlphltPF1j7qAJykRnJgPjTCOkYVfGbz-zL5JkvCmbDCWjT3rI-88dZJFT9DnRJrDijkpr5a--2cdYYeoPnNc5iiRpVQaGkUf5feMrjVpfLt3CSt8wpU3MIGsj_vddpgYG0eS62I8z1T0LE9lf4ua_JQR73lQX3gH2iBccUn8qEKX6cZr685h-PgmSm5zgHf3dDdaebLBBebdvwAAH-DsgzPow2RzGQPAhJhlV4R1RpJzGTPX9I5sjcm_TpR3aThRBZ_yTjQyDEJfVz9nYjuQ6Zq7iGX1q9WawWyWXJcoIufhOTKlCh5o9MZRJXS&sai=AMfl-YT0e8fM6TSES8I-q81Zd7LNn2K9zP_EFbOxgyZ_3akUdl6RtX8WpJrN_mz5LgxNZvTgvrQaDwTDCDrPjUSDGKLdFO6c1NByDcPr_mLnkUhywxtmHpaepqWgbs3Snruev5ezfPK2DqA4rO84SR-GkrDNc4ag2xL7ZUR2CzF1FS65bRpo3J6-mSUsNpx51I6MgpNrtTIfEaNReGLOkhEDog&sig=Cg0ArKJSzMlYZrafypE7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&cbvp=1&cstd=288&cisv=r20220919.88363&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 22 Sep 2022 11:49:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
pagead2.googlesyndication.com/bg/ Frame 3F63 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16036
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:32:08 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame 0CE5 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1151929/65580770/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
500278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
VIE50-C1
content-type
application/javascript
x-amz-cf-id
_vKJZXKxbWQPEsIBuMq8AWDhhUW1p1jq41lpHyihywSSh3RaSEYW-w==
index.html
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame 932C 		2 KB
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc49078cd148b10b22ed5e18498755305d5615ee7556aeafaec2f23c32044ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
762
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:49:35 GMT
expires
Fri, 22 Sep 2023 11:49:35 GMT
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0CE5 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5usak0Ks7Kl6c1YwZC9d2qr1NSwpU2CNi3yzus1iTDd2K-5KrcNv239Lo2A23yDIk9WnKPVzRA0fAq0wiZKLQCdmmxoek0sEsiwmh4JsfMc72IoktxvuR8LgD3w4zF2Ox1f_0nA3pkY8DUspMbHuyJDxGO3bn8jg-YPmxi5WHUIPugb49nz1RwFITzTm43P6yMF7z_CvV1kkqkL-YvpaH0Bdc4RqEheiLq6myhvWejVFK3a-nnJTUXx36EnxJSa3M1NVw9UenJMgTVmJFhVJgk9PZV9QThBJxPcyCsjV3nRaU55yzttL4ZZH4yqBrkQgvl7TQCiML9qFIFk_2qe9RkFqxer25iZ3YeHNdvq4h93gPkr-STIv1R8AlRFS9tec-g0RwAP_GddK_zFJRkOPDrqU9N-enrXA_8OUqlEJfPO506LP2utK227P_i_pUUsXRdbXjWGbLEeOYxQMH-o_wDp-8t-6EB6T8X4gCK1ViMX0ESM7TI-bAQjKLdlNDI4mBrJe37hNb-j3RNIxLy97e68QNQ3j5cPeSTB8z1VqlbPy1h8wIAHuahLQbVhzdGXR28bXpN5soxTs5wr9FAzRptNJKOX7b68zpWongDr2C8rqqcrT5BRHZTKpK-JOzbm-13onmGf9P8D5GNj6rtOYjaVd56mRcUPu0Ou9_4XgsK1GQ0jzPXMTRkH7L0C9D8A8PXRwv3PStS5ui9iemND4ac8squXusD9qFfvwiM9ogJRaI2aq20E9Az2k0dCdxhYdl_kxaL5Kk4lUIuz8bt937_sQaLqVle8xDFeAXtNkkHk12GokQRulaG0lsq-KOtpOMYTq0R4aD8bjMajAfEuoUdCHBOg8kKHYyVtI5HFEmlCQiwBRTvl10EcUAhvhvVTBYYfZNVu9E9wRxR38RdzCM8Bsb2tPtpJylS_Y2LO6oTheIdIzxnLrOicPZ4PPYasK5llHUXj4WgGQ9P-jZJb0cZH2u43G1iKmMZcthB9iT_b7stJiGJ5v6Z3H4a-oqcGjJMLLuoYbE0uSzhEX5BJCdK0ryG2tpqCNEZph2riR80jSYAipgy6ZAveFoiy3LQ_lRdPVF9SSoCb6PPevA9cYHhSZ6BMyJmQ54XnVtN6TA4T3_E8ef05sQmq0O27WbVWVLSKhGghWzCzkq4pJ1E6G6gkaKwWtOiwLER8CrH425kkl18KMD4dBxnnqlzlLyjhE&sai=AMfl-YQoBKoZ6CZ9T6KJfnKd71hfiEIO7fwRowEBYUPdl2z5iPHcm4m9KUOztqpnw7ZfFV760vZll2dRtOx2BzXoyF5HFjswJsckGN3reXfN2qByQYHkaUdbGVsYyYwDDSvLGUbzP-Xp6ZQg1znsj-MCSr08mCEP5t6rheEIXDS33QASLf6P_2x40Bn4tkUUDVVOyQb_f1-S-h_4ip-bU6huCA&sig=Cg0ArKJSzBUYHLOM81l9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=320&cbvp=1&cstd=313&cisv=r20220919.58915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 22 Sep 2022 11:49:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame D89C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OwViyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame 92AE 		682 B
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5f Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e57c6f907891c213a4be1b8db03ae43076e8a9ac6a02a88fe33bf8dca52dd3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 11:49:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 11:49:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 11:49:35 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 92AE 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 21:22:52 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 932C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Sep 2022 10:59:19 GMT
normalize.css
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame 932C 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/normalize.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45009a4360ffe5364e2be9bea31dfdec6eedf10e6649bdaecf011ff88ba928a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554173
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
969
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 01:53:22 GMT
style.css
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame 932C 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ebd919eeb6e022bb3543d00bade694b24310e1da084d878048db142a7c51665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2218
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
scroll.css
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame 932C 		913 B
378 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/scroll.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
286125ae16ea43b1c5fd845a948850f0e7de05f45cd1af1a98c0f1a0ea7ec13d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 932C 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 11:49:35 GMT
preloadjs_0.6.2_d7b96570d4552592ae479162e546cb25_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 932C 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_0.6.2_d7b96570d4552592ae479162e546cb25_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291fcf6b0aea583079f4ea7c943852ddd668ad895ee08b0b557b372040d205a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14120
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 11:49:35 GMT
pixel.png
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame 932C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/pixel.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c835ee88b96ea90b7a8aff875a23ee80a6ac74fce186a84eebcec9d6fd068dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:27:32 GMT
x-content-type-options
nosniff
age
512523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3569
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 13:27:32 GMT
dws-xtrackers-logo.svg
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame 932C 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/dws-xtrackers-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f799afebaa0125cc2e1d05bb4559d198d1092b87f20951d3a3d84994e07561de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3264
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
btn-right.svg
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame 932C 		946 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/btn-right.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aa7357513ae62edeec06a9ff700c76e506a6d54945a572ac16249e8048e55af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
474
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
logic.js
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame 932C 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f04fa8e54a4b29df65e453963d74219400684d053364bd67e79590bb4693b944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4681
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
scroll.js
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame 932C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/scroll.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4261168c69b8f0887385e3f95c5f7ea90f52d428ad1fe827a6d4beb5e36f9546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1703
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l8czrm75&c=3031217078439693&e=31069718%2C31068883%2C31061691%2C31061692&ctx=1&met.9=1.ok~13.wt~2.11i~9.0~3_1.137~7_1.0~7_2.0~7_3.0~7_4.0~4_1.1rc~5_1.1rk~5_4.1rx~5_2.1ry&met.10=1_4.IIcLEPjOAgj4zgIYgJh1KAE~1_1.IIcLEPjJBAj4yQQYgJh1KAE~1_2.IIcLEPjJBAj4yQQYgJh1KAE~1_4.IIUSEAAIABiAmHUoAA&met.3=112.19n_1~113.1r6_3&met.1=1.l8czrkxi~6.5c~7.5c~8.6p~9.6p~10.9o~11.7x~12.9o~13.by~14.bz~15.c1~16.qc~17.qc~18.r1~19.1qi~20.1qi~21.1r4~22.i6~23.i6&qqid.1=CPK3tL2qqPoCFcto4AodMT4GlQ&qqid.2=CPO3tL2qqPoCFcto4AodMT4GlQ&qqid.3=CPS3tL2qqPoCFcto4AodMT4GlQ&qqid.4=CIf_sr2qqPoCFcto4AodMT4GlQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D61 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXkjVzkssY9OgOJq33wP7n6CQDgAAAAA4AeAEAg&bg=!CAulC0_NAAZqQh0mSkI7ACkAdvg8WhiCnzVgz_qv3A3Y9vzt9d8q0iW-Wi6LtUZz4ZP9LckIpVWvvAIAAADZUgAAAANoAQeZAu7AGvrxS103Hh-N4ZhLWQz4AucgzOICByoOngu1gXTep1OGBArRjUq5QXtT7M_8_pqBqadLgUgipm3FB3HUidCE1NNBwQZXh8MjmymK5uQlT075-ZEvL6bvyKX3Zjv43Rgo5IGYjq_uU0uhuSDCMcYl-jElr0fjAZNDPMx07LNQgmzVCzGGZaU87TG0mwpy4r5DE0YKQsTlWDZIi-0gBKfURHNq_Zdmbat8WxzMWUz3XoBUIGaj_k-nI59MvepwVsrJmSDY-Dvg-OiH_ZT6Z8v6Mc2EN5QvqXl1qXNiMI9ZPsKz8SO5MPO2vlAjzvK0tpHsY4tPsnvIclVV0sq8W-LboQD3iCeucSbkSZUOe1o8Hu1jvltYj-IPBw_-Gs72o9-FUWkc3c7o05PDsb-NoJYqpqVsvefdYsjuHqDyXhWkYQmUTBuxkgo_94-BlAZR9HJ9_VxQI430I57pfLWL-v_E-mgJlEi49Axoaa9cYSKYjshT7sQT0vSFY5VqvZOWi_y_GmHg9dsXBCdXWWaOIy0rF5Am9xrWU1vQpVtWlUbv-zdaJ8PuaEa354YPkzB0Zr0twE9IVu7G6_HL7CehCfjwIwS-8XNxYA4pb1zeyOVA7mMNQskh-JVP_Jye8JhKIgDpNFPTA59NLAItiVspHzsTXc1jHXiI4elciIhqIbbdDuuEzOMYnH0ehI6ZVmz9acRn2BRw2AJiA6W0fCEC7dp1YOuNBvVPVkMUwEVXh9lDm3qA1Nce8NK1SNsNwkxfRA-u4P9JL5ScsPWNR_XU2UG100UB6LuCYL6jHe0Rxjk59C2haBaDmGaG7VeTwRrlOvj_ZkGyFa75pjscSneYDaa_mxHvsMxO6p6nBn_buSGLT3S9OA_jK6_XLjJm8r7uMxQ_FGMBzSLdDpiJaXOQM_GhO9bp-TGNk_MP7B8eOza7naqEExxCJe3eVBUoOQrQ-wMRS6-Ot6t1vEzYchOi6jTkSmThxRn4dZMAeh84YUo
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F63 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjboPzkssY-KQN4uc3gPe3pK4DgAAAAA4AeAEAg&bg=!4eKl4qbNAAZqQh0mSkI7ACkAdvg8WpUsewvB-iCS9Lykw27cK36hhvJmPsKSPRY6ujVLmIMh2zsfXgIAAACzUgAAAAJoAQcKAKPh4RtPnrR93-1DZlHsFPLkjPjfVwvC_F3U0MztTM-meCKO64Ng9ulAnSAKRvzpSnymHko1rVLqNcYA6niyjtwGbkH-jRG7OV-wz40AR2cS3AcUQy_zz4CNJpfuQ33bzBsuAKoRzMOWIgE-8XU1ArLdU2LWU5d10HMetASFwldbMKw7tXrV37AU-DIGnhav3dph15663i4rUyUlYF6iFEBkcV87mQLnkVt39PE6MzIO-G9_anLSRAKY0J_sl2QelJEYeGz6mowwafRauIB-cK2nmM9D8Q9cl2Ckfkzi9plomyxnYGS8MNxjb4WTBx4VeRBvsN4f2YUaPEJ7jMovdYO_9dwtybpAnfk7RV1hqs2AKbgtHKtW51lRrD5bmOReiKdR3G1ELCx10BX7JeMc3MgkMATFVwrJLV60ZMgnozhgGWC_MrW79UrML8g6LOdv7t4ENmOqdMYhTqpWH6LGqUpODfCxiHUtKNO2IB0EEvjZMw-EDa_CcsrV7j0OnMma_ILsWcZtfzHXTbrLpQg1Mj9-7UTS30wcGlSOX9EI-KWS398szGo40cC3fafatvsqO5HmmBgprcKqN6KaTxh11nBM-TGbtuWvL6PPjDxkapRseTvQHSiBhFPcHDNxfHc1U1IYOd8I83v4JMfgNiNEDXCmhXnrEF7159ckiX1wuVwCKVPMglh8Lp7XMlpubR3MLts_9ekVxeXyrhEHXWju08LrfAXtN2dza6fu5feNmtbSxtWyFr-0WnUNCBoR_SrfF7h0TNIehFwFxIcDLseSpbXNXm4E3_7uOohKzE-VEkrvQhGgjQngCbm16MwXCOQEUKB3sTqp-eJb5E3EV-V_GldJbPS1lxsXwtvVYrx1Z4XNYxvWbDwgnj-L2AU8mbeXK99icMg0YtP-IhJbeHmKse9v0Z7T6u0PdYgMRV-sIreC_b1G_ler-BQgEB2w2p13vyBU1xSymfJqeVlAqPcxZVcBbO3nCf43AKNE51TxG6BJwYxfu8F-fYpY2y796e8Ebi2eKUE58A1cmRiebSZSvza1eZzHtuL2sg2SDTS_IkNajiH2LO5kiQ2PP66RliVhGPMA-uhQ8dG-3gyKSxs3GlVnTOWDKmjlpeoV-VUz5N2pqXXoiwOW6tE2ER_h-iYyprTZOwhoyjQXKkbFoD-QhcXZz7O_Z5l6YtIVvb8vWCtfJAblzqtNqSm3AaZ_zEM
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
open-icon.svg
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame 932C 		739 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/open-icon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
658b15da00eeb4c46131024f30119f582d0c4d46e3434ba2a1045999de575c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
471
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 14:21:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 15:30:35 GMT
DWSSansWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4369730/ Frame 932C 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4369730/DWSSansWeb-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac20dcf13424aa4a54bfb9a97b3630e410f1b121c001399297d78b248e71e24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:37:05 GMT
x-content-type-options
nosniff
age
750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29036
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 14:05:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 11:52:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA3B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWK7848LEP6L2__yz-M41l6QnZeswII088DwZO5FW2I2u8rAljUf_EcUbm36-59arofnBgFBphpee8Ja4LGIO1fMWvMna23MrAVdtzZRJ2t5DK00qGeHRcJOlR0xulzHXylLkCUwgn-0869Cm5GMH0mpgCItfjfatHwniapv8QsjeW5aFJ5zC1iCEkVvwaz7rzj-npGQSWguQzT0gnMtqCoOaiLi5zgvuMGvAjb5soCUmrV8N7El8Q_o9z3tKSw_OUVyhPRibzd0Ew_WklPZvEhems6p7hRSZ3LAlaGq9qfbaK4B71dzt7iZJMSYPjlh43bq8pcj22cBzucsNofpGfS03Yzlz0dVNkka6KOm9CWolEest7En9sG28GXNwbwXDwVgksaNRncKpFHerd1B5o7Jd8kWYN8js_s0nlTEaolbx3VOpAHTGv2aqdaLM2XJNVJiPG-x-ramvBMYQAkhCUGfx6KgcXqeNqC-aZiBrydlR5Qmi-dYhlQ7vSDIMTDVSKmjoMJw5xjhOW_18e2B-Jr5QzGNihRd825KR0RLEJke_4NeGTQIuXPxjlk5uKAyIQjoU75GHS9lEdf-1nqbNsuv8vRHu7LhKmmMTxYv8l_DG21yzWaNLAWxERBUEsBRVfIww3gh8bqGQ4FjPkL2t-_UpI0OhhnwDTN2j83u1CwiMo6C7ch_6g7jVQw1qW_IVZCjGg198KNYZxA7Ty3NYh88zGPu5ag9xwSVauCK4daRq2ZdwLsA38jK8u_l78YtEi5G3HtzxJuIdUXWViIk27o3XC3TZlzIKENXRAZ6l9CudEovrErJ1chNcw1K8idqnw0cf6evT1aZhNwT4vegVTdninT1PWcA1EPYjqdF54h8LRJ_LCqgOd4iln0SC0uUOkWlphltPF1j7qAJykRnJgPjTCOkYVfGbz-zL5JkvCmbDCWjT3rI-88dZJFT9DnRJrDijkpr5a--2cdYYeoPnNc5iiRpVQaGkUf5feMrjVpfLt3CSt8wpU3MIGsj_vddpgYG0eS62I8z1T0LE9lf4ua_JQR73lQX3gH2iBccUn8qEKX6cZr685h-PgmSm5zgHf3dDdaebLBBebdvwAAH-DsgzPow2RzGQPAhJhlV4R1RpJzGTPX9I5sjcm_TpR3aThRBZ_yTjQyDEJfVz9nYjuQ6Zq7iGX1q9WawWyWXJcoIufhOTKlCh5o9MZRJXS&sai=AMfl-YT0e8fM6TSES8I-q81Zd7LNn2K9zP_EFbOxgyZ_3akUdl6RtX8WpJrN_mz5LgxNZvTgvrQaDwTDCDrPjUSDGKLdFO6c1NByDcPr_mLnkUhywxtmHpaepqWgbs3Snruev5ezfPK2DqA4rO84SR-GkrDNc4ag2xL7ZUR2CzF1FS65bRpo3J6-mSUsNpx51I6MgpNrtTIfEaNReGLOkhEDog&sig=Cg0ArKJSzMlYZrafypE7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=692&vt=11&dtpt=400&dett=3&cstd=288&cisv=r20220919.88363&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
static.adsafeprotected.com/ Frame 0CE5
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1151929/65580770/skeleton.js?adsafe_url=https%3A%2F%2Fwww.capital.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa879d5eb9dc630ead2ad2188112bb3c4.safeframe.googl...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:206e:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
via
1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
age
7206516
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
e4FNo2uo-OjKlcT1fSQYzuJKHriP93SieDOPICUKCLJDysT7u3GKng==

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:35 GMT
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame B918 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
72799
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
VIE50-C1
content-type
application/javascript
x-amz-cf-id
hjavsoi9PtE8YI-wk6KcRpy-TDJGWUA4rcI2jNDl9zf-fnBUxlXoWw==
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxoRb,pingTime:-3,time:433,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:402%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:433,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:403%7D&br=c
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxoRc,pingTime:-6,time:434,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:434,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:403%7D&tpiLookup=ao:www.capital.ua*&br=c
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.gif
px.moatads.com/ Frame EA3B 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TOTALMEDIA_UK_DCM_DISPLAY1&dMoatBDS=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.capital.ua&lp=https%3A%2F%2Fwww.capital.ua&t=1663847375847&de=239811329879&m=0&ar=220b545db30-clean&iw=ccd94e3&q=2&cb=0&ym=0&cu=1663847375847&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=10919430%3A27232704%3A327706517%3A166169331&zMoatENV=j&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.capital.ua%2F&id=0&ii=3&bo=6909393&bd=capital.ua&zMoatOrigSlicer1=6909393&zMoatOrigSlicer2=N%2FA&gw=totalmediaukdcmdisplay715441700527&fd=1&it=500&ti=0&ih=2&pe=0%3A701%3A701%3A0%3A705&fs=200409&na=1743864858&cs=0
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Thu, 22 Sep 2022 11:49:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 22 Sep 2022 11:49:35 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 932C 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1c8aa3edf7ab15c66ca1f99b1203d9d6262caa767542574a2b18d45b3bda48e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2821
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24266
x-xss-protection
0
server
cafe
etag
8726009137278784513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:02:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 932C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae304b03685430f72e761e27c64d38d9c40bee707877039d4f1deda3d97512c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5759
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxoSJ,pingTime:-2,time:529,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:596,bdZ:875,beA:883,beZ:884,mfA:1263,cmA:1265,inA:1265,inZ:1270,prA:1270,prZ:1280,si:1285,poA:1286,poZ:1300,cmZ:1300,mfZ:1300,loA:1316,loZ:1318,ltA:1411,ltZ:1411,mdA:884,mdZ:1231%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:402%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:529,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B144~0%5D,as:%5B144~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:403,sinceFw:125,readyFired:true%7D&br=c
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pain-point.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/pain-point.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cce9ad22a727ce036d9c6eaaf5ec058a84089f46fac91eacfcce676ccb3a772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1063
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
cat.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/cat.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fad0b6b439c6f41a1eae9a2c56fa4be57076632bbf6af46f44535b7a4d489af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13396
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
cta.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/cta.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0289a5ac311cd78f0a4cd60735f18afc889af66a8e3631c0f894e881c400c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:36:09 GMT
x-content-type-options
nosniff
age
58406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2192
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Sep 2023 19:36:09 GMT
mm_number.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		996 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/mm_number.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28da24c7924d7785e9cc84d2015c080d611d3d3ccb524a463036ba347f948645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
996
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
frame3-heading.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/frame3-heading.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691d4aa5f5fac7d03fb78529a95fcff37984624a904645d9987cdccc8086b78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3552
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
frame3-heading_02.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/frame3-heading_02.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32a72054c44c9ab2dd16d13700b9aed862703b89b7cf09765f372c0957779e56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2027
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
frame2-sub-heading.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/frame2-sub-heading.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b66b3745d45b60ec22a6b7b430fe6a2fb2d40ca19ca370bb5b404acbddfaf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2044
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
frame2-heading.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/frame2-heading.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9f52b199120cfd34bb5c1fc747530e03ad4a3d363b51e5b05e68221965174aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2981
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
frame1-heading.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/frame1-heading.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e17d961d401672bde10c1b67cdc6083a1db07b2fb89a310a534ef9085227490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2865
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
BG.png
s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/ Frame 92AE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/BG.png
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f70640d9a5a685f9114b0fc86db310f94db82454c1e28953a1424f7772a053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6975921915962455462/Zoetis-OA-Cat-Suspected-300x250-UK/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:43:59 GMT
x-content-type-options
nosniff
age
176736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1810
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 20:55:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 10:43:59 GMT
pixel.gif
px.moatads.com/ Frame EA3B 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F6975921915962455462%2FZoetis-OA-Cat-Suspected-300x250-UK%2Findex.html&i=TOTALMEDIA_UK_DCM_DISPLAY1&ol=2433118744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3WJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-z0tp6wlWe0wLgg%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.capital.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.capital.ua&lp=https%3A%2F%2Fwww.capital.ua&t=1663847375847&de=239811329879&cu=1663847375847&m=72&ar=220b545db30-clean&iw=ccd94e3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A701%3A701%3A0%3A705&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=54&cd=0&ah=54&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=10919430%3A27232704%3A327706517%3A166169331&bo=6909393&bd=capital.ua&gw=totalmediaukdcmdisplay715441700527&zMoatOrigSlicer1=6909393&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=1377548362&cs=0
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Thu, 22 Sep 2022 11:49:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 22 Sep 2022 11:49:36 GMT
DWSSlabWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4369730/ Frame 932C 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4369730/DWSSlabWeb-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd6058bab23892b96292f3ee138daa1661219bf2e117acd6252a2f90c517dc4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:37:09 GMT
x-content-type-options
nosniff
age
747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31535
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 14:05:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Sep 2022 11:52:09 GMT
dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg
s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/ Frame 932C 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be989f3375d45b5813efab99c47e1a73c7407bd7ec599627f59441fa2514e86c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 12:05:16 GMT
x-content-type-options
nosniff
age
258260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151312
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 09:27:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 12:05:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0CE5 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5usak0Ks7Kl6c1YwZC9d2qr1NSwpU2CNi3yzus1iTDd2K-5KrcNv239Lo2A23yDIk9WnKPVzRA0fAq0wiZKLQCdmmxoek0sEsiwmh4JsfMc72IoktxvuR8LgD3w4zF2Ox1f_0nA3pkY8DUspMbHuyJDxGO3bn8jg-YPmxi5WHUIPugb49nz1RwFITzTm43P6yMF7z_CvV1kkqkL-YvpaH0Bdc4RqEheiLq6myhvWejVFK3a-nnJTUXx36EnxJSa3M1NVw9UenJMgTVmJFhVJgk9PZV9QThBJxPcyCsjV3nRaU55yzttL4ZZH4yqBrkQgvl7TQCiML9qFIFk_2qe9RkFqxer25iZ3YeHNdvq4h93gPkr-STIv1R8AlRFS9tec-g0RwAP_GddK_zFJRkOPDrqU9N-enrXA_8OUqlEJfPO506LP2utK227P_i_pUUsXRdbXjWGbLEeOYxQMH-o_wDp-8t-6EB6T8X4gCK1ViMX0ESM7TI-bAQjKLdlNDI4mBrJe37hNb-j3RNIxLy97e68QNQ3j5cPeSTB8z1VqlbPy1h8wIAHuahLQbVhzdGXR28bXpN5soxTs5wr9FAzRptNJKOX7b68zpWongDr2C8rqqcrT5BRHZTKpK-JOzbm-13onmGf9P8D5GNj6rtOYjaVd56mRcUPu0Ou9_4XgsK1GQ0jzPXMTRkH7L0C9D8A8PXRwv3PStS5ui9iemND4ac8squXusD9qFfvwiM9ogJRaI2aq20E9Az2k0dCdxhYdl_kxaL5Kk4lUIuz8bt937_sQaLqVle8xDFeAXtNkkHk12GokQRulaG0lsq-KOtpOMYTq0R4aD8bjMajAfEuoUdCHBOg8kKHYyVtI5HFEmlCQiwBRTvl10EcUAhvhvVTBYYfZNVu9E9wRxR38RdzCM8Bsb2tPtpJylS_Y2LO6oTheIdIzxnLrOicPZ4PPYasK5llHUXj4WgGQ9P-jZJb0cZH2u43G1iKmMZcthB9iT_b7stJiGJ5v6Z3H4a-oqcGjJMLLuoYbE0uSzhEX5BJCdK0ryG2tpqCNEZph2riR80jSYAipgy6ZAveFoiy3LQ_lRdPVF9SSoCb6PPevA9cYHhSZ6BMyJmQ54XnVtN6TA4T3_E8ef05sQmq0O27WbVWVLSKhGghWzCzkq4pJ1E6G6gkaKwWtOiwLER8CrH425kkl18KMD4dBxnnqlzlLyjhE&sai=AMfl-YQoBKoZ6CZ9T6KJfnKd71hfiEIO7fwRowEBYUPdl2z5iPHcm4m9KUOztqpnw7ZfFV760vZll2dRtOx2BzXoyF5HFjswJsckGN3reXfN2qByQYHkaUdbGVsYyYwDDSvLGUbzP-Xp6ZQg1znsj-MCSr08mCEP5t6rheEIXDS33QASLf6P_2x40Bn4tkUUDVVOyQb_f1-S-h_4ip-bU6huCA&sig=Cg0ArKJSzBUYHLOM81l9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=910&vt=11&dtpt=590&dett=3&cstd=313&cisv=r20220919.58915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.capital.ua
URL: https://www.capital.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 11:49:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxoUY,time:668,type:e,im:%7Bimprf:%7Bttecl:898,ecd:205,tsecr:3%7D,pci:%7Btdr:236%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:668,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B284~0%5D,as:%5B284~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:403,sis:612%7D&br=c
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.gif
px.moatads.com/ Frame EA3B 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&dMoatBDS=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TOTALMEDIA_UK_DCM_DISPLAY1&ol=2433118744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3WJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-z0tp6wlWe0wLgg%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.capital.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.capital.ua&lp=https%3A%2F%2Fwww.capital.ua&t=1663847375847&de=239811329879&cu=1663847375847&m=206&ar=220b545db30-clean&iw=ccd94e3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A701%3A701%3A0%3A705&aa=0&ad=71&cn=0&gk=71&gl=0&ik=71&ic=71&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=54&cd=54&ah=54&am=54&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=10919430%3A27232704%3A327706517%3A166169331&bo=6909393&bd=capital.ua&gw=totalmediaukdcmdisplay715441700527&zMoatOrigSlicer1=6909393&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=1600817806&cs=0
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Thu, 22 Sep 2022 11:49:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 22 Sep 2022 11:49:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091901&jk=3031217078439693&bg=!29il2JzNAAZqQh0mSkI7ACkAdvg8WodhIgPi1WnFGNp7cyOylSTzINp7nv1hmn0t0MK356GCtQPKMQIAAADXUgAAAAJoAQeZApWpg9eQKQPOMtbO301A8CWb6GPdmTTQoGm80wlC08GYimHPbIhfIndHb6KnC-K3320dhC-9ehxSXqnzZL3JidjeeG0E4lOn0qT7EHaJ6MUkGjBHeCdqPsny59ucpBbpuRGJiWLyMxV3inSTYB-q4z7xs32mdRFGbGeRKGcJRSQqOm50ZuTF2C73llAG2OM0oy4jjWuYuiqgGipUH-DFgmNON2OsGV5HRtv-ogSlS-VpMpI-xlIZ8HQm4EAzihYSUM4B-i2XIZJUgolZuah1FV6qWJRJ8p2UNTfSheFDTjcVK26cpS2qWOm28c_m62GXdrK8xIq6V-T_NW_yIy7j4XE5lgU5V0SMj7PTKyGfwPG5MiyrFMiPEEQByY6au-Ls60QN7sCwrTyGsttq2jf9NW0s23nQwHARw7oX2rz_kb1IyZKJg7UOatv3eXBsvIOyjXgbKRW0rKersDzatn61BNwe3u0b0cawwtkPiWjeep9FEiacwlGBpIU06Mi3cTh23uadp5xWHyojWGcV--rFTWWN0rUw6ogwleHNW3FZUQ4FlNXh0Fy0xPD-44DQqRf0dsOr92gJaOND0PAnOrRiKDx3j04aiU2EvC0sSLS0hXcOndtrFfIhqI14X15Xm_X1rHffhKhN-mbj_SsNlrgR7iSmFQ6KpXafFQHgUPtxVrK9DAsnXyGw68ys_6AtdNdQFOnWlCQlztvZ2yJqDWhlk3ncSlM6ixh-_CrrGLxxlMZbhZkTkE478edtf-66okk6fAnobpYUH-nQlD4-P7zgasVKTkz7iI8UcyuQUdcAzt9Zqu9LMDsS3bJdSrZd8L2D5-XDKnsqiHKdnG5UjofYdqcNhYQxRaYhGcKC3KiZyjqnf9BERK44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.capital.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 932C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 11:49:36 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame EA3B 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1c8aa3edf7ab15c66ca1f99b1203d9d6262caa767542574a2b18d45b3bda48e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2822
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24266
x-xss-protection
0
server
cafe
etag
8726009137278784513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:02:34 GMT
dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg
s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/ Frame 932C 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be989f3375d45b5813efab99c47e1a73c7407bd7ec599627f59441fa2514e86c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=1gGpnSVLjm&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 12:05:16 GMT
x-content-type-options
nosniff
age
258260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151312
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 09:27:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 12:05:16 GMT
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxoXE,pingTime:-10,time:834,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663847376234%7C%7C7920b140032e23d7c02bb92239b04273%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C54ae0badaed6a1fd48000f994618a2fb%7C%7C3b9707164fdbe777520cd162acc27249%7C%7C003e69528aa0fc1946f942afd81abcff%7C%7Cdc6dc7db7dc96842d3b6e3d2ddc2e95d%7C%7C29a1ffbb5c4e32fd764bf7e905adb428%7C%7C1663701684%7D
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame EA3B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoSwQSnK3Bqq9msSdGfTf41XCB7YBp8yzk3WbcBcf-En5PGvzob4vubxfyCpcfOgJIyxobGkvb5yg-QUQ5IL6uUEj0EJvgZEKgFbzrfU8FCa7w5LZZcik6QeQ2pCN7QqWX454TkQ&sai=AMfl-YT2mp9f7F8FcgoFbrAE8xOLH9LdAWeNjoWKjakRQiGt7d9N15L82RPMIX2kZLAMt93VzlKNoghVQEpST1TNjgHPKDIZwc-Kr2bYrXholiIrpLWseix-S0idazM&sig=Cg0ArKJSzAbZtS4af1x6EAE&cid=CAASJORo8uuX2WReZoCgzfp34yIPBxxupQNif5TeTL4iIz3pKO7avA&id=lidar2&mcvt=1030&p=328,1124,578,1424&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2673231228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663847374506&rpt=682&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
pagead2.googlesyndication.com/bg/ Frame 7CED 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16036
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:32:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0CE5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstovrztwj5iURcqLVuJrry2a6RhwpXdqSb5pNEHvtbF-wVgaEaZqyCLmvLRIvdPvbm6gA1MRP2Fa-XvzVLVj9pj_bfJ3lKn7zkduzJpD30_95oBj53HuS0GyrVcPDZm8jf-2XFrLg&sai=AMfl-YQmfojLtk3eLs27yEx2v1dXnB7LueTQ7h43Yj-tiSKvSzAgVO5CQQxWi4b7nwp0kOWr8fdWAL_fAW5Ljy6_bOY-deV79K_iYkIvchRWB1NgzOCGbfg0CZ3_WoU&sig=Cg0ArKJSzFa-Eqwjd1KcEAE&cid=CAASJORoWphtVZFX55i1Q8VhK5CmrqkW5r8sGZ90-hmh62L70g1vMA&id=lidar2&mcvt=1004&p=733,1124,983,1424&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=465682209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663847374518&rpt=723&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EA3B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l8czro1s&chm=1&c=3031217078439693&ctx=2&qqid=CPK3tL2qqPoCFcto4AodMT4GlQ&met.4=fb.5i~lb.i1~cmrload.l5~ol.1a0~idt.5~dt.-pc&met.3=733.i7~742.i7_1~748.iv~749.iy~736.jg~739.jl~735.jp_1~740.jq_1~374.l6~738.1a0~734.1c2_2~735.1cg_1~113.1cm_5~112.1cm_5&met.1=1.l8czrmp6~6.1~7.1~8.1~9.1~10.1~12.34~13.4v~14.4v~15.52~16.jl~17.jl~18.jl~19.19z~20.1a0~21.1a0~22.jh~23.jh&met.7=CBsQCBgBMK8BOPgMaG9wrwF40BqAAaQYiAHOL7ABAbgBAw~CCgQBRgBIMgBKMgBMMEDOPkBaNUCcMADeMAEgAGUAogB8ASwAQG4AQM~CCgQChgBIMkBKMkBMLoEOPECaNUCcOoDeIKPAoAB1owCiAHQiwWwAQG4AQM~CBwQBhgBIMkBKMkBMJMDOMkBUMoBWLcCYMoBaLcCcI8DeNYCgAEqiAEqsAEBuAED~CB4QChgBIMoBKMoBMPwCOLIBaLgCcPsCePsMgAHPCogBsRWwAQG4AQM~CBwQChgBIMoBKMoBMPsCOLEBaLgCcPMCeLw9gAGQO4gB_okBsAEBuAED~CBsQBhgBIMoBKMoBMPECOKcB~CCoQChgBIMoBKMoBMIEEOLcC~CCkQChgBIMAEKMAEMMkGOIoCQMAESNwEUNwEWNEFYJEFaNEFcIcGeJyqAoAB8KcCiAGrzgawAQG4AQM~CBwQChgBIMEEKMEEMPcEODZowQRw9gR4mRuAAe0YiAHhP7ABAbgBAw~CAkQChgBIMUEKMUEMIAFODxoxQRw-gR4hl6AAdpbiAG07gGwAQG4AQM~CCcQChgBIIUFKIUFMMwFOEdohQVwuwV4k3mAAed2iAGKxQKwAQG4AQM~CBwQBRgBIIYFKIYFMMIFODxoiAVwwAV4gAiAAdQFiAGWCbABAbgBAw~CCcQBRgBIPEFKPEFMLIGOEFo9gVwqwZ490OAActBiAHqsgGwAQG4AQM~CBsQCiDiBjijAw~CB8QBRgBIOUGKOUGMKEIOL0BaNQHcIoIeIidAYAB3JoBiAH3uAWwAQG4AQM~CCIQARgBIOcGKOcGMM8IOOgBQOgGSPUGUPUGWOkHYKsHaOoHcM4IeKwCsAEBuAED~CCIQARgBIPcJKPcJMMELOMoBUPgJWOUKYPgJaOUKcMELeKwCsAEBuAED~CBsQBiCGCzhZ~CBsQBiDhCzhK~CBsQBiCsDDhK~CCgQChgBIPoMKPoMMNMNOFlo-wxwww149r8BgAHKvQGIAZj3A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 0CE5 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
URL: https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1c8aa3edf7ab15c66ca1f99b1203d9d6262caa767542574a2b18d45b3bda48e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2822
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24266
x-xss-protection
0
server
cafe
etag
8726009137278784513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:02:34 GMT
csi
csi.gstatic.com/ Frame 0CE5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l8czro8q&chm=1&c=3031217078439693&ctx=2&qqid=CPO3tL2qqPoCFcto4AodMT4GlQ&met.4=fb.4y~lb.js~cmrload.lr~ol.1go~idt.-7~dt.-po&met.3=733.ju~742.ju~748.k2~749.k3~736.k9~739.ke~735.kp_1~740.kq~374.lr~734.1c5_1~735.1cj_1~738.1gn~113.1j8_2~112.1j8_2&met.1=1.l8czrmpi~6.0~7.1~8.1~9.1~10.2r~11.1~12.2s~13.4b~14.4i~15.4f~16.ke~17.ke~18.ke~19.1gm~20.1gn~21.1go~22.kb~23.kb&met.7=CBsQCBgBMKMBOOgOUAFYZGABaGRwnAF40BqAAaQYiAHOL7ABAbgBAw~CCgQBRgBILQBKLQBMLYDOIICaMkCcLUDeMAEgAGUAogB8ASwAQG4AQM~CCgQChgBILYBKLYBMM8EOJkDULYBWMkCYLYBaMkCcI8EeLmtAoABjasCiAHrjQawAQG4AQM~CBwQBhgBILcBKLcBMJACOFlotwFwjwJ41gKAASqIASqwAQG4AQM~CB4QChgBILcBKLcBMPICOLsBaK0CcPACePsMgAHPCogBsRWwAQG4AQM~CBwQChgBILcBKLcBMOYCOK8BQLgBSLoBULoBWKwCYO4BaK0CcOMCeLw9gAGQO4gB_okBsAEBuAED~CBsQBhgBILcBKLcBMOcCOK8B~CCoQChgBILcBKLcBMMMDOIsC~CBsQCiDUBDiYAg~CCkQChgBINYEKNYEMPoGOKMCaMUFcMAGeMPZA4ABl9cDiAG8zAqwAQG4AQM~CBwQChgBINcEKNcEMI8FODho2ARwjQV4mRuAAe0YiAHhP7ABAbgBAw~CAkQChgBINwEKNwEMJ0FOEJo3ARwkgV4hl6AAdpbiAG07gGwAQG4AQM~CCcQChgBIMYFKMYFMP8FODpoxgVw_AV4k3mAAed2iAGKxQKwAQG4AQM~CBwQBRgBIMcFKMcFMP8FODhoyQVw_gV4gAiAAdQFiAGWCbABAbgBAw~CCcQBRgBIIsGKIsGMMoGOD9ojAZwwQZ490OAActBiAHqsgGwAQG4AQM~CBsQCiD0BjjbAg~CB8QBRgBIJUHKJUHMJkIOIQBUJYHWMgHYJYHaMgHcJcIeKYIgAH6BYgBoBKwAQG4AQM~CCIQARgBIJsHKJsHMMIIOKgBaN4HcMEIeKwCsAEBuAED~CBsQCiCGCjjNAQ~CBsQBiCkCjjFAw~CBsQBiCnCjjCAw~CBsQBiCECzjhAw~CCIQARgBIOkLKOkLMMUMOFxo6QtwxAx4rAKwAQG4AQM~CBsQBiCPDDjZAQ~CBsQBiC2DTiwAQ~CCAQBBgBIMYNKMYNMKgOOGJoxw1wpw541gKAASqIASqwAQG4AQM~CCgQChgBIOkOKOkOMMIPOFlo6g5wsg949r8BgAHKvQGIAZj3A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxp8W,pingTime:0,time:1534,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:402%7D,%7Bpiv:100,vs:i,r:,t:1533%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1533,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1148~0,1~100%5D,as:%5B1149~300.250%5D%7D%7D,%7Bsl:i,t:1533,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1148~0,1~100%5D,as:%5B1149~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:403,sis:612%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:37 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel.gif
px.moatads.com/ Frame EA3B 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&dMoatBDS=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TOTALMEDIA_UK_DCM_DISPLAY1&ol=2433118744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3WJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-z0tp6wlWe0wLgg%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.capital.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.capital.ua&lp=https%3A%2F%2Fwww.capital.ua&t=1663847375847&de=239811329879&cu=1663847375847&m=1213&ar=220b545db30-clean&iw=ccd94e3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A701%3A701%3A1656%3A705&aa=1&ad=1078&cn=71&gn=1&gk=1078&gl=71&ik=1078&ic=1078&ez=1&co=1078&cp=1000&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1000&cd=54&ah=1000&am=54&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=10919430%3A27232704%3A327706517%3A166169331&bo=6909393&bd=capital.ua&gw=totalmediaukdcmdisplay715441700527&zMoatOrigSlicer1=6909393&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=1931881733&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Thu, 22 Sep 2022 11:49:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 22 Sep 2022 11:49:37 GMT
csi
csi.gstatic.com/ Frame 932C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l8czrnv8&c=3031217078439693&ctx=3&qqid=CPO3tL2qqPoCFcto4AodMT4GlQ&met.3=112.g9~113.gm
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame EA3B 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&dMoatBDS=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TOTALMEDIA_UK_DCM_DISPLAY1&ol=2433118744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3WJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-z0tp6wlWe0wLgg%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.capital.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.capital.ua&lp=https%3A%2F%2Fwww.capital.ua&t=1663847375847&de=239811329879&cu=1663847375847&m=1214&ar=220b545db30-clean&iw=ccd94e3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A701%3A701%3A1656%3A705&aa=1&ad=1078&cn=1078&gn=1&gk=1078&gl=1078&ik=1078&ic=1078&ez=1&co=1078&cp=1000&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1000&cd=1000&ah=1000&am=1000&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=10919430%3A27232704%3A327706517%3A166169331&bo=6909393&bd=capital.ua&gw=totalmediaukdcmdisplay715441700527&zMoatOrigSlicer1=6909393&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=1894954491&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Thu, 22 Sep 2022 11:49:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 22 Sep 2022 11:49:37 GMT
pixel.gif
px.moatads.com/ Frame EA3B 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&dMoatBDS=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TOTALMEDIA_UK_DCM_DISPLAY1&ol=2433118744&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3WJTdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-z0tp6wlWe0wLgg%3D%3D&sc=1&os=1-4A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.capital.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.capital.ua&lp=https%3A%2F%2Fwww.capital.ua&t=1663847375847&de=239811329879&cu=1663847375847&m=1214&ar=220b545db30-clean&iw=ccd94e3&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A701%3A701%3A1656%3A705&aa=1&ad=1078&cn=1078&gn=1&gk=1078&gl=1078&ik=1078&ic=1078&ez=1&co=1078&cp=1000&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1000&cd=1000&ah=1000&am=1000&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=10919430%3A27232704%3A327706517%3A166169331&bo=6909393&bd=capital.ua&gw=totalmediaukdcmdisplay715441700527&zMoatOrigSlicer1=6909393&zMoatOrigSlicer2=N%2FA&zMoatENV=j&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=1001622051&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Thu, 22 Sep 2022 11:49:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 22 Sep 2022 11:49:37 GMT
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxpp5,pingTime:1,time:2536,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:402%7D,%7Bpiv:100,vs:i,r:,t:1533%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1003,o:1533,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1148~0,2~100%5D,as:%5B1150~300.250%5D%7D%7D,%7Bsl:i,t:1533,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:132,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:403,sis:612%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:38 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0CE5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=dbe953c3-2e0b-a961-60be-b6c4a7c947f6&tv=%7Bc:oWxpp6,pingTime:1,time:2536,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:402%7D,%7Bpiv:100,vs:i,r:,t:1533%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1003,o:1533,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:402,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1148~0,2~100%5D,as:%5B1150~300.250%5D%7D%7D,%7Bsl:i,t:1533,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:132,fm:tiaa1wk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:403,sis:612,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 11:49:38 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Tynt object| swfobject function| jwplayer function| $jw undefined| _userPlayerReady function| track_qaqEvent function| socialLoginButtonClickHandler object| lazyload object| oauth function| showPopup function| showExternalLoginWindow function| showLoginPopup function| getCities function| getProfessions function| resizeLayout function| updateAuthStatus function| registerActionTrigger function| completeProfile function| deleteNotification function| addToFavorites function| removeFromFavorites function| showCityPopup function| CommentFormClass object| commentFormObject function| $ function| jQuery object| respond function| playerReady function| _utils function| _css function| _hide function| _show function| ZeroClipboard function| adriver object| Highcharts object| HighchartsAdapter function| drawChart function| drawSingleChart function| toggleChart function| toggleInterbankChart string| GoogleAnalyticsObject function| ga object| googletag object| _fbq object| gravitecWebpackJsonp number| _subscriptionStrategy object| FB object| gapi object| ___jsl function| tabClick number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| google_conversion_id object| google_custom_params object| google_remarketing_only object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| GravitecConfig object| Gravitec object| WLPush function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| jQuery18107379577173455893 function| adriver_dispatcher object| _33Across function| __uspapi object| __twttrll object| twttr object| __twttr object| __buffer object| litHtmlVersions object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_measure_js_timing object| google_rum_config object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id number| google_srt object| _google_rum_ns_ undefined| google_rum_values object| google_image_requests undefined| google_timing_params object| GoogleGcLKhOms

28 Cookies

Domain/Path Name / Value
www.capital.ua/ Name: sess
Value: 3che4ev0su25r0vj7phh6dut07
www.capital.ua/ Name: b
Value: b
.capital.ua/ Name: _ga
Value: GA1.2.1209063104.1663847373
.capital.ua/ Name: _gid
Value: GA1.2.1484555946.1663847373
.capital.ua/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: _A7ta7mEtf4
.doubleclick.net/ Name: IDE
Value: AHWqTUnNl_C4WsNcj_SlgJF6QDSqV2y3MoUvai7_uokvoNmmWT6JeEgBq277SoZrlXQ
.capital.ua/ Name: __gads
Value: ID=316a3fffafe3435d:T=1663847373:S=ALNI_MbN1vjXMqDBB26m_jYnl6VRezrwfg
.casalemedia.com/ Name: CMID
Value: YyxLz4Q13-iD6KIg3tsvdwAA
.casalemedia.com/ Name: CMPS
Value: 1220
.casalemedia.com/ Name: CMPRO
Value: 1220
.adnxs.com/ Name: uuid2
Value: 2017404492306648480
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$UwQ-*P!]tbPl1M>e)ZlrFUfJ+tGXvWBCD%1#8dw[UXUg0OI5:07PW'2-Q<<wS+j_LN3If)y3KL9D3I?+8NjiZT
.quantserve.com/ Name: d
Value: ECsBCQGUJ4EA
.quantserve.com/ Name: mc
Value: 632c4bcf-68f4d-87fdb-a87e4
.agkn.com/ Name: ab
Value: 0001%3AfZjFrv1MvCQlg55rdLBCId%2Fh%2BsPbnYf5
.agkn.com/ Name: u
Value: C|0CEAqvwhPKr8ITwAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/ Name: uuid
Value: 0a2f7eb6-3a5f-4911-8d66-46a16eeca9fb-20220922 07:49:35
.casalemedia.com/ Name: CMTS
Value: 1208
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022092211493600079408768678
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 632c4bd0fed47ba2
.addthis.com/ Name: ouid
Value: 632c4bd0000148a3d0d521921a124f494f6dc53b5fae6038a1cc
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220922
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

5 Console Messages

Source Level URL
Text
rendering warning URL: https://www.capital.ua/(Line 11)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8LODz4OL4E7RYG0IZdvtLfp03moi6f6GxynRiKhC-oCrCjb5tw8HJy4Frs-BvvnKUmVEOtt6h20t8GKqSs6n3EUbWJoMU&google_gid=CAESEPahzENJJKOnbS0S6IeddB8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://z.moatads.com/totalmediaukdcmdisplay715441700527/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a879d5eb9dc630ead2ad2188112bb3c4.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ag.innovid.com
apis.google.com
c.bigmir.net
capital.ua
cdn.gravitec.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.adriver.ru
csi.gstatic.com
d.agkn.com
de.tynt.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.bigmir.net
ib.adnxs.com
ic.tynt.com
id.gravitec.net
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
platform.twitter.com
px.moatads.com
rtb.openx.net
s0.2mdn.net
sc.tynt.com
securepubads.g.doubleclick.net
ssl.gstatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
tcr.tynt.com
tpc.googlesyndication.com
www.capital.ua
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.youtube.com
yt3.ggpht.com
z.moatads.com
104.18.18.126
104.18.36.173
104.244.42.136
104.96.159.57
142.250.185.130
142.250.186.98
142.250.201.194
142.251.39.2
184.51.10.56
185.89.210.101
193.239.68.97
193.239.71.100
198.47.127.19
2001:4860:4802:32::3
23.111.96.36
2600:1f18:1aca:4280:17ae:f7a1:519e:8aec
2600:9000:206e:e00:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3031::6815:b0c
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2004
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200d
2a00:1450:4001:830::2001
2a00:1450:400c:c00::5f
2a00:1450:400c:c07::9c
2a00:1450:400d:804::2003
2a00:1450:400d:807::2003
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::200e
2a02:6ea0:cb00::2
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb
3.123.239.111
35.186.253.211
35.244.174.68
45.133.44.3
52.211.77.239
67.202.105.33
67.202.105.34
69.173.144.139
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
071e2b1d9a2b097b02637097cf21b804874be907bb233c0d2da7ac9e60dc7d95
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
0e17d961d401672bde10c1b67cdc6083a1db07b2fb89a310a534ef9085227490
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1a0204474934112a6a39bedafb7614a689d6fec65a7423fa57fe5fd58369c6ac
1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002
1c835ee88b96ea90b7a8aff875a23ee80a6ac74fce186a84eebcec9d6fd068dc
1c8aa3edf7ab15c66ca1f99b1203d9d6262caa767542574a2b18d45b3bda48e0
1dc6f5f8a855855a974c5b7c1e5734df987029d6690d288d1c6a0828f2b9b406
21f53085c3fccaff5bec767e848a931cd1578035907487d6dac2567cbb640d10
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24bda171d07d0e8118595d01eed06ccf7e3bc06ad15bdd45b1659fe34be6b931
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
286125ae16ea43b1c5fd845a948850f0e7de05f45cd1af1a98c0f1a0ea7ec13d
28da24c7924d7785e9cc84d2015c080d611d3d3ccb524a463036ba347f948645
291fcf6b0aea583079f4ea7c943852ddd668ad895ee08b0b557b372040d205a0
2ae76b693c9ae3d90eb97c87446852889c49a979eb8014e97cf9c3a9dcb8a3ed
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2be96fe021186a4288a68a0d3b7c2a397316ab440635ae14f2acb65aa0673d11
2cce9ad22a727ce036d9c6eaaf5ec058a84089f46fac91eacfcce676ccb3a772
2ea29173ab6d09c3d4c9b690df089412dc1297c3d7a2b68783e33318ec6517f8
2fc3f5aa5ee0a21b0ac738fba1eac241ac924339e1794c6cec91619e34bc0664
312d16737c730e755c0cd88abf2261a579fe39b66dcbc59bcb7c4bbf76fb1b1e
32a72054c44c9ab2dd16d13700b9aed862703b89b7cf09765f372c0957779e56
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
350bced20d8c9ed3eccbc0b344aad8e292f6eef92752334683228761a257ac0f
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3a202e70d4db97812b5fc72963c927bac431b7bff64c0bd47ece71ab6b21408d
3a5cf1105d60aeb4bd2e6420554aecd6321e547a557a60adaefa03a482bdb1c5
3c30f37c2c87a205069f6b21740187a7cd9c1a01883e560836c0e8d2365a39a3
3e7284d318cd4fe11463345aacc2c056edde135c6c7e6f52a74bfcbd4b0a005b
3ebd919eeb6e022bb3543d00bade694b24310e1da084d878048db142a7c51665
3f08af001134142200d0ef8e41ecb0f6f8d91951208c13f9e207e78d8f928b40
40ad8c5ef02bb8e4bf7d881e53c8c8f6324a4abe64738215c4fbcbe9100e59ef
40b39ecfb0a69c9b8b145596dc63355850353298908699a12b44cb343285d18c
4261168c69b8f0887385e3f95c5f7ea90f52d428ad1fe827a6d4beb5e36f9546
45009a4360ffe5364e2be9bea31dfdec6eedf10e6649bdaecf011ff88ba928a2
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b66b3745d45b60ec22a6b7b430fe6a2fb2d40ca19ca370bb5b404acbddfaf5c
4bca3d7095cfd66495e1ab002c3f29c473e8937598bb6587c9837b08eaa586e6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511a0d1515cd71096dd0a3043120145478906f49a659403c4863820559499fc5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588a56638a8b444eeb671c67f0393e5afcbad5424cdb1bf62ba6628628766507
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5aa7357513ae62edeec06a9ff700c76e506a6d54945a572ac16249e8048e55af
5e57c6f907891c213a4be1b8db03ae43076e8a9ac6a02a88fe33bf8dca52dd3f
5f9260505cb5526e66a90f881f03937ac90713ccd18b2e8ff87d1675b388aea8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6247f7daed995cfb08f37d0007fad0cb1d63ef1b2de5cecf9c0ab86d85a5d65a
631c272f7f88a030ed11f904ab44f1015e8a2a04fe5a75af36dc0a098f29ca49
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
658b15da00eeb4c46131024f30119f582d0c4d46e3434ba2a1045999de575c7f
691d4aa5f5fac7d03fb78529a95fcff37984624a904645d9987cdccc8086b78a
69b7cdfb8f7b786f19ec1224d69419efd60878172a80bf69acabac07ff756e96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
72a25e15288d627519dbd34574323769d168e086c381ef0221039701d5178d76
75aaec4b62fba6c84cb3c62422aaf9ac5daa12d8f6682f2e332d2a6ab24592d7
7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608
7b83885ca41fc256ac7ca893538c781f1f1b89a0a88e6f86646149533e42d5f2
7bc49078cd148b10b22ed5e18498755305d5615ee7556aeafaec2f23c32044ff
7c22238b94a54738b7abd0a017c2aa6a4edba9f4c18cf6192a6953bd753c07a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d3c04e9e7e6154c1ca2e831613a83c093486264c3f1e0353b3d0fb9e23129f9
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9582fddcf573573833d07c893dcb98243a37e55c4ecd9659da5318c99480a4a1
96aec8c9f7981a987d0bacb3de756545e59a163f7fc94c47eea050b2f06316dd
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9767b15463e94e22f50f0f8e23670b0185f6257e48cd512fc962ea8a2c703f37
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98b3ff3a8543eaee1f9946fde06f31cd9bb98f9e57cd431e0234db57c221334e
9972e3e84a2e91b5d6fe48367badd742d054829303a42ef77d4f09fd5ed4d0b6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9e1d7c34f3b311ed92a50bcae21fdf815cd7a9dc4491a9052f439deb903e8cb3
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0cf09bd9f43169d5c8293631fc8c1a507f227a1ccd0f688d68e1334d5fcef8f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ddc44e3081c49237803054c042aaecc07bb19cd5881c1f331e7a1da9aa1ede
a2de465aae7c12a3aa8371f4bc55a48edd179d222e6754a1013e58fcb8574ed9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac20dcf13424aa4a54bfb9a97b3630e410f1b121c001399297d78b248e71e24a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae304b03685430f72e761e27c64d38d9c40bee707877039d4f1deda3d97512c9
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
ae9f8b2245fd6258201abe84a8d5f0800b0c96bbd5525cee109e4ca89741ebed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f70640d9a5a685f9114b0fc86db310f94db82454c1e28953a1424f7772a053
b4917a5290466244353dc49caa11b14916816e7523850ff103fabb5484222e0a
b510daf4a269c50ee4669c06f25d6b141676acfd21d3faa9663a19e96ac2cf01
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
b83f16828bd83d0d23827633f90ff31b26ce65269772607912ae09f6c69ec9f2
bbfedbec8c19e0e93646a74d2a83346d563db2821b2f0ae2c0bb5e43989612cc
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be66554323059a0abbfa9f331f06186ebc979027fe2c85f15ee79e4aa593b8b2
be989f3375d45b5813efab99c47e1a73c7407bd7ec599627f59441fa2514e86c
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf18c2ed159735a06020cbb58043dd22bdfeb9e489db154495e58991ccdebcfb
c6022b9877bec4a03206412f11da47ccd5529399b152f41b9c7f0f3a0368e32f
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
ca38f1b09b5080d4d706aeda131bb8785cb0c2b630b4d40821f7e1736dbf209a
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cedd780f76a420cb35b50a5a67dd45a38504ea9d5cb8f659f0539a4b19c3c8fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0289a5ac311cd78f0a4cd60735f18afc889af66a8e3631c0f894e881c400c02
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d32f16a8513989400a9e3311f0c1cd68bcada10f0b280c4349a8e067e144abf2
d75dc75cb106de2457bd8b4c6ec3bfcb6956ec5a71ae1d63bd3c04bca50d0c04
d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d
db54105fde6a0d05b0128e79b9cb1f62c03f6b1ad56f2f3d4c276b502b89e58a
dcaf67aaced809a8a66e31ea3e7c0623de21c3a3509f3af9e70574bc9d420dce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9f52b199120cfd34bb5c1fc747530e03ad4a3d363b51e5b05e68221965174aa
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04fa8e54a4b29df65e453963d74219400684d053364bd67e79590bb4693b944
f72c00b15f5e8de9e6d3b0ce7cb5844461b95b80b2765684e8251674898602e7
f799afebaa0125cc2e1d05bb4559d198d1092b87f20951d3a3d84994e07561de
fad0b6b439c6f41a1eae9a2c56fa4be57076632bbf6af46f44535b7a4d489af6
fd6058bab23892b96292f3ee138daa1661219bf2e117acd6252a2f90c517dc4e
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2