lb.ua Open in urlscan Pro
2606:4700:10::6816:3f78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lb.ua/
Effective URL:
https://lb.ua/
Submission: On July 05 via api (July 5th 2022, 2:35:52 am UTC) from GB — Scanned from GB

Summary HTTP 208 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 25 domains to perform 208 HTTP transactions. The main IP is 2606:4700:10::6816:3f78, located in United States and belongs to CLOUDFLARENET, US. The main domain is lb.ua. The Cisco Umbrella rank of the primary domain is 347402.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2022. Valid for: a year.

This is the only time lb.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700:10:... 2606:4700:10::6816:3f78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
38	157.90.133.197 157.90.133.197	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 17	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
8 10	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	20.85.9.11 20.85.9.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	13.112.193.52 13.112.193.52	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
3 4	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
23	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1 1	34.251.55.128 34.251.55.128	16509 (AMAZON-02) (AMAZON-02)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
208	30

11 2606:4700:10::6816:3f78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 157.90.133.197 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.133.90.157.clients.your-server.de

i.lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.18.126 (None, ) 8 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.9.11 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.112.193.52 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-193-52.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.23 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.55.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	578 KB
49	lb.ua 1 redirects lb.ua — Cisco Umbrella Rank: 347402 i.lb.ua — Cisco Umbrella Rank: 722429	1020 KB
42	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 ad.doubleclick.net — Cisco Umbrella Rank: 189 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	336 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	380 KB
10	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	9 KB
9	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	114 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	241 KB
4	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 629	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589	549 B
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1107	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3185	87 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	google.ae adservice.google.ae — Cisco Umbrella Rank: 119687 www.google.ae — Cisco Umbrella Rank: 24039	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 390	17 KB
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3023	376 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 907	356 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 2158	576 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4608	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	462 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
208	25

	Domain	Requested by
38	i.lb.ua	lb.ua
29	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
23	s0.2mdn.net	lb.ua s0.2mdn.net
23	pagead2.googlesyndication.com	lb.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net s0.2mdn.net
17	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net lb.ua
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net lb.ua
11	lb.ua	1 redirects lb.ua
7	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com
7	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	ssum-sec.casalemedia.com	5 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	image6.pubmatic.com	3 redirects lb.ua
4	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	lb.ua securepubads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	lb.ua
2	cc.adingo.jp	googleads.g.doubleclick.net
2	www.facebook.com	lb.ua
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	connect.facebook.net	lb.ua connect.facebook.net
2	ssl.google-analytics.com	1 redirects lb.ua
1	pixel.everesttech.net	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	beacon.walmart.com	1 redirects
1	e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	www.google.ae	lb.ua
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.ae	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
208	37

This site contains links to these domains. Also see Links.

Domain
en.lb.ua
like.lb.ua
www.youtube.com
www.facebook.com
twitter.com
t.me
projects.lb.ua
depositphotos.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.lb.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-07` - `2023-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.google.ae GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://lb.ua/
Frame ID: D4E5652531F895171A62865415B0A463
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 13517E43EF0AC36B21223B75A45A1372
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1656988007&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16777344%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546264&bpp=3&bdt=283&idt=156&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1518414470042&frm=20&pv=2&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=181
Frame ID: 3AAA01FA1D23CBD1C4DC8D0C4DB36B85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1656988007&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546279&bpp=5&bdt=298&idt=185&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=s9azpUNvO0&p=https%3A//lb.ua&dtd=190
Frame ID: 0B4BA9C096E96EC68974F044386B2590
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=1289157958&pi=t.ma~as.8605697088&w=300&lmt=1656988007&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546290&bpp=14&bdt=309&idt=191&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=1783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BSqvuacuL7&p=https%3A//lb.ua&dtd=194
Frame ID: 806C3C0F085E106CFE4029EED7DB86C0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18
Frame ID: DAAEE1B0B0C67F3F04D8C0FF51823C73
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22
Frame ID: E0D80B9CCBBAE3F0DB3855916E2142D3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26
Frame ID: 6EF7DE0C4C6BBC2B1CB6E3C8D3AE3BEA
Requests: 1 HTTP requests in this frame

Frame: https://e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE87B7F39DDA02FB5F3CE30D82BCF667
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 23579C731B7FF22E271347C98C2FB47F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGJf9sskBMAE&v=APEucNUzyXBYg-iDOkAIz8XNp8Lt5fnhqRjVaSd7la1zRF1HiCjcBMYQjV3bAK-UNqfyEVl23nRCy9-67Vj_6JNLHViK8ns_6g
Frame ID: BD0C0803F2074ED8198DB4CFC9E82447
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAXcHDF8Zj91pfp1ccVnIkNPTEjQjFHtusP7TxiSAj2UfMMcb7IItztqN9kPCoHJx14XBNbPZaCwoKHAYQ4hao_6iPGDKrtPAd0AxjNcrC71v6sYRsqPTorLRRUVBWLixeltxE4NgVFFmWrhIuAVddBU2DkQ&cry=1&dbm_d=AKAmf-B3CzdGUAUU1wzDFzd44QNudrakqPo51Xxa7qEIh6f7lvoOYRbrEaITuIJWQLzGl_2rbmRY7BREc59nEKoy3KkM0hKCom8MyBNkQEi5ZqNAMIfarY8vGEahD1W3DVQUacL0fIuFmJWW2VHVStcQYn6Z9OtJzf7p5-tQoetZFuCjMSWRXTdHBWcSB7sdeFxGo5ujuhQ8ApcLKB3BXlBS0RU44qpZ3sgBYQAqgDKaK2lQ-SHIJ0LNftHr-UN07bL4S-sy8MFJDnlh8wpX0dlkCPd4D7sfxjNe2crp5yaxNJr1dCUnwJKBzjw31919c6sVA4T-3GC4io83PaJ_Ld0QJmckWKB52sVMlmE0rYYP9WIgzueurQlTo-cSnviPGsgouXZRcMDMgsDXofNbiKZVJlJw_qZi1GHZ0Pg9TKixCliP_j7Yu4x9D578fzC2vt83v_SlXhkEu3_AtvJiwYWPnnbjtw3Zih78W8YNPuVrMbXF82nlhmZMHshuLecYSj9MobL46KmvkRWcTFtul7ZPcQbIlomRSCkshiux69x8sgCbiuhd-w5lAqPzfuD6Dfu1HajruF2qNHDCRFYu_NKomCAxGEHQLKMJw5brlRTOzxAq0WtnMSq6uyZR13Lq2WbpWKELlL5J7GLMg-Q2Tfluw0jobShHcyyZP_Vbcy0W7Zlsddljd-3wnS8p4YN44H8Un5itenPijqj14f_YwJ_g0veXHc7e_rk0SCLl4X2qzT41xcI64KWFKX442-0KaceDOZf69Qk7qLPz_EPLoeo_4g4IYZ3Gox6rZSrW3jPvTREDsY23d3NOh7qVUy3eBLnCs3tTAep_zabPnyfHsrcHFsH8oK9TNipQyIt5uqVdeHvdU_cHRwybdcLvWfWfvp5mk4FRE82i6gArL7DgHU5F7tK-JXoZzQhfHxUVxiJ2LV0meBvkelSB5otYWgUTxq6gVfZNcRZbfbT32nxvFOVH1JD4oEETd6BJhfjCoQG4EMm3fxA1Ak1MPEh6JsoVZtwvOmkKZULSpJ75g4RgKpKW9NMjf6ZRYNOH-tDazeE6rEMGZdVCiov6s2IaarrdsEAWOXRCzVVPUPTuYcpCo_y9SoAdFL6CRE3jShn1j0VLX2Eg_FFLJsELvqtV0dEq0phSskvJ7J-oj3fXI8b-FUT3JiH4Re1X9hDhqRZgRFW0P4VoVlUkIeaywRDKJxPXifLxWbhLJgP7vwypcYI4u1YeaQDcxNsP7kuyhwpfo57gqvC2RnF5yHmCfMP4ukXxWXgSo8tRFsv5bWX7iA4XgZ767tg29ND-5Hkvch4O8dq6lG3WFgk2x23XspLphr-ANSnTY3k5VsVryXzq-8fbqmJRQuGZlZ3MaUymcOzUXL35rGDHqRHgsYcDoZAxrVFDrQJc2vOc4Ev7qAlCMNjlyGGyOBhG6KK0cG3zX6Q36CweOx0FkohsrTzUF-6YEH0FG9wFRu_b1QmsEZyCpnE8798taVj3iCC_WcH9PUT5c06hNEsyPgPa3pn6E-a_ujM0vch5n9bEFYgz3SHw_cOazb3goxgAAC6a_PCB6Ya6-iaB62QJYWloEmkWN823MzHRXV5_e9GsNfY5hgzn-qLDvT1iD6IhWGY0oxAXTTHUnFsQgN5TEzCFnuLaU-Pz5X1MApFxHR_6JiZS7DKLaf7AVjkCumrWLizkyFh13WEgh_IjFuEBuGeE_zfQjaI1w56vyDHrSVZUtLckz-sJIxenifwETp0Rt4dmwWaPjV4-7krr8ZQ5_SsEMNtwVh7ml5HA_jssB-_qFtN-2MwmsbgKYMVx3Gj6IE22hodVr_tDkU0i6Zg3ceZU4S46-tAyJ4qe5aBBNu0BbRHPa2LkAFZ-s1q1IcETL9gsb7aVwLwIj5AKdJBHOcKQbEc2YA_348k7no2Aoreb6YQHDGuL1drwO1R5ioopmktKYVnGJCGrGRmYUAZweXYGsdKJ00THtx1s3DNaO_JMxYlJzni-ztBtolbXGQau2d5paW0Am8_yfrwz21Y7KGc8KL1satSmucwUny997hzdKhVrqVV92UyQOfDljJVVM49FEhP9ZSBDnS71d9l68pA5Iaz8iFJd-V0cWI0dUHzhURhnkHIawxKNL5WUh-KqTvHpnIG_YuswvYBuUU0KB5BRt3LTAn0-770ekWTvkmkp7_cYVB3f-GR2y_qc5ds9sjKpR-GOlc4U0I2AE1NCqVJSsHDN65xJrrAFBY6yaHsXrEVEJ0XCEX7EpXlqCKx-aZrQln9955Pbpvx1YGFBV-n60_BxtjILL-ifb2hVw7N51PYETTmFIq1EB86JKSPVjkcKMwvgmnQwOolIydOdSCUmlFlU9CDOzfA8ZPHFwdnN8CLiwob2TPfztqEzGEg24VSjyzO_aISCQfGcEWNYJfgBm_eJKQ_eZb1wVxKcko0l2nRwXzblxjeyLryRCodNfHLDug8z-fxaS1X6dPBhCiBFmK0AOaCPz-yDiYZU54t3dTkhxOapyAHvx7Pz87KNLAfSm5ZBj0JXPdzs08niW8A-Jiwks38YumRyhrvigFGNmIGPYwdE-vWg-NmwhUURozwaL0g5dvV806b_NKcuRUHQzNe1JyVASt6-g_19K4BTvW8L32n-Fla1VjKqIxMiWp_6NYpIksjI1v-3HT-B8nmAygcfmqL9xh9Z__mKSGDcxyzYIFB7Az_8i5rEYIOLQ3bAyP1y0njsCw3ZIFeCXiBL4zdaQzB-5vdFchWp5z6wcFdivQirzBbhsCQgneVY5ZzhgRjDp5HURniJZNCieRdqEUtQafAk5pOoPjOm4cAz38skkaocKyzhHNHxMCIcebnHCygAl2tRLoY0cRWrVZN59845hPShG9xXn9XGSIRT7BadP1gQo9gSSmpP1eR8-5jy5oi90upovxo1qkajsy9KOnBOd50uE-H0PpoXbizTfSDmppydIFJ1Yh9QN6f3GrgiNahuH9H5dQK4v8QZh8Tw2_CBl7l5Quv85yYzkhRj60JGGQAQ3xcwCj0qdN1uyQE2jefiEpgtc2SoBY6UxlkGaecK3ZsiCXseQMi2CLw6MI0BE74Xm3OULa3BNEgv1SkJPjVmhzy2317SJ-_hE6X-nObuQZupl5SMZK6xCsOCz34gKZvdJ8xZFSkjrU6FbFjU7PTd0dX3S4Ot0QL6Cekgf6KWmEQAXtNuc8jI8bW1XfQupqzhM-mo89qkAPvKbWXDpbBCG7aK_TkDs4mqRlCn1wFlFZfig9_CTrd59N4CP0uAAvtMT8ziaPLp89jkdJnFgonWmXvvUEin9El9RAL3SlGIrFi5HuV35BZPnXj8PqDTFqMaVCjRvKygsidsgMAc_CC725SpHn0R2uqd6WutppeBl9UBBdOaTaecMMHxEYynJLjiR1UQtcK6TwRVUFQzZxQdl_wd88oLUZ0Q4mqg-v1LteHPMYXacVidmh11iY_2QYXLCl5S_93461bSWttFeivc9vEBNkgz9sYcaiRB1zaUEfcVGYoG60MZiM-u7CJPZupEW03Ymc1wTJsq3NQEPc1lx--dOw7cVZG7gXiqFMr1k1K8A14x8mO0TCEKhm-L7MI1FQN4QebXWUQFtFCpUDG5TKeOUgDQOZTOxsXt3IzkY_jJbjjPA2MJzYY49dzytbG_PovNcjSheSZaSUoEtZ48rwuR324B3xTHxaXrMnhrjS6xI9QHfOTKUDiDVDUBBnoMaAn7TzD71YvbHq89EC4aPgARoLgv2bnJ0cIYvnuEEd0cRzIVqKBiRYXWQutS&cid=CAASJORoEIAcAddeJ17CZ-CT5360GJFT-uu-Fd53tF9kXxs9Nuxmkw&rfl=2%2Chttps%253A%252F%252Flb.ua%252F%240
Frame ID: 0839D9997DD00DFBFE8D468CEEBBAC60
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: A233C537398A6E4B2AE33D7B1F6F6A0A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5361C4503D9689847B5FC7FC846B3DE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D2EBBD426DDB0803AF33D3510388E30
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25F2F2008E36882C3C62F5BA2B591CF2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E26AEF3D0D354630CEA06C82A66B6002
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9EB770E7A26D83F2D955302848ACCE60
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 87187F3B0DC259ED6EB4323451898BA7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: CBD109DAAA443C782F6AD42C9BFD1348
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F708395B39AFBB9D592711E7251E4BB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E3886F7C6943F8B53940566CE0B196D4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
Frame ID: A743C3DBAD345CA17AC1764B387491B1
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 039C033C630125AB8E12E02DB69A1E7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F496F44E2B5097A9F91954A9345AD6BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 157EDB2EA6DEB630FB14DF87267B45C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України від LB.ua: оперативна аналітика української політики, економіки, новини культури та спорту

Page URL History Show full URLs

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

208
Requests

91 %
HTTPS

58 %
IPv6

25
Domains

37
Subdomains

30
IPs

6
Countries

2805 kB
Transfer

5435 kB
Size

19
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://en.lb.ua/
Title: ENG

Search URL Search Domain Scan URL

URL: https://like.lb.ua/
Title: Like

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_wMhlGmskE2Ue-400XjofQ
Title: LB Live

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%D0%9B%D1%96%D0%B2%D0%B8%D0%B9-%D0%91%D0%B5%D1%80%D0%B5%D0%B3-LBUA-111382865585059

Search URL Search Domain Scan URL

URL: https://twitter.com/lb_ua

Search URL Search Domain Scan URL

URL: https://t.me/lbua_official

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/LBTV_channel

Search URL Search Domain Scan URL

URL: https://projects.lb.ua/neymovirni-lyudi-epitsentru?utm_source=lbua&utm_medium=banner&utm_campaign=epic20

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=3DvRHBgsaSM&t=12s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=7HlgTrSUmcE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qpvSNyUs0_g&t=211s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=pMuVIlm9PnY

Search URL Search Domain Scan URL

URL: http://depositphotos.com/?utm_source=LB&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277346405&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%B2%D1%96%D0%B4%20LB.ua%3A%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%97%20%D0%BF%D0%BE%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%B5%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%96%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D1%83&utmhid=860749049&utmr=-&utmp=%2Flb%2F&utmht=1656988546513&utmac=UA-10143123-13&utmcc=__utma%3D5405166.1359141589.1656988546.1656988546.1656988546.1%3B%2B__utmz%3D5405166.1656988547.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=70126054&utmredir=1&utmu=qBCAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405 HTTP 302
https://www.google.ae/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405&slf_rd=1&random=2288437283

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&C=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsOjg2G.u1iSvj9lapdBGAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&google_hm=2

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJeOiyOiiqmhdgjSRkv6j90&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2MjU2MzU5ODc3MDU3MjIyNA%3D%3D

Request Chain 134

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEEuSScRAK6N-8sHUFEU7cos&google_cver=1&google_push=ARnp8GArE6mywvWlcPFePgqj_WmL-28rZZg0Nr3QeCSl1ZlOUVeqsQ8k9HoE-WS854ohxyB8r3Mohh4WOZP6Vj22XnKF_3IqiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bLuJkh3njowGEQvrlldB0o&tap=gAds&google_gid=CAESEEuSScRAK6N-8sHUFEU7cos&google_cver=1&google_push=ARnp8GArE6mywvWlcPFePgqj_WmL-28rZZg0Nr3QeCSl1ZlOUVeqsQ8k9HoE-WS854ohxyB8r3Mohh4WOZP6Vj22XnKF_3IqiA

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJkXh7SGFQIwtWqOP6eWpmo&google_cver=1&google_push=ARnp8GA4663KUPCT6Xb8K7UcM0YMXgBHN2zpaRfKoYjJxN4Cyi1doaI4xtitABSlxMyyfIP_4cS5VM7Gy9-lamQmIEo83gjc0OE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VVgtMjAtMk9YNg==&google_push=ARnp8GA4663KUPCT6Xb8K7UcM0YMXgBHN2zpaRfKoYjJxN4Cyi1doaI4xtitABSlxMyyfIP_4cS5VM7Gy9-lamQmIEo83gjc0OE

Request Chain 138

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_cver=1&google_push=ARnp8GBOTDyOYKtlHW3RFtHDaXEp8HOX4YtkYXP_-DxYVy7hNGQ0gXA3RDHw0om9q1sAFaMMe9lmmzrNgERV7MbeItkb9cEZ-Wg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_push=ARnp8GBOTDyOYKtlHW3RFtHDaXEp8HOX4YtkYXP_-DxYVy7hNGQ0gXA3RDHw0om9q1sAFaMMe9lmmzrNgERV7MbeItkb9cEZ-Wg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GBOTDyOYKtlHW3RFtHDaXEp8HOX4YtkYXP_-DxYVy7hNGQ0gXA3RDHw0om9q1sAFaMMe9lmmzrNgERV7MbeItkb9cEZ-Wg

Request Chain 146

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJopyrrkYGUyywV_MM9KMC8&google_cver=1&google_push=ARnp8GAjh220ssRU3xicl2u043JYmki3vr7AhvolRyfYH8OUqLFoSU-n7p52redD6fPfDBBe9FVhJvAuuKzbW6WnYufXC3TnMCI- HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJopyrrkYGUyywV_MM9KMC8&google_cver=1&google_push=ARnp8GAjh220ssRU3xicl2u043JYmki3vr7AhvolRyfYH8OUqLFoSU-n7p52redD6fPfDBBe9FVhJvAuuKzbW6WnYufXC3TnMCI-&rdf=1

Request Chain 147

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELdqtNDeelcz9ZSlf9LfIts&google_cver=1&google_push=ARnp8GBBsA4hRHpqnMxi3-cI7yGObuSe5kwtp64zm9DxySga17f-xeAhnNTM8AfIFqfjMfcDRfQGLSIfCDyZBBNNwIjqiXosXBbH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VkYtMUgtQ0gwOQ==&google_push=ARnp8GBBsA4hRHpqnMxi3-cI7yGObuSe5kwtp64zm9DxySga17f-xeAhnNTM8AfIFqfjMfcDRfQGLSIfCDyZBBNNwIjqiXosXBbH

Request Chain 148

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_cver=1&google_push=ARnp8GAq4i0PaWaIg7HfShGDNWbIh2O9qv_Bb0b-mqVK_zVlAIuaTy4v8DCC_3qdwuf9COmW-49ZJ6LrCIuQVOuOg-SjoXdt4xQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_push=ARnp8GAq4i0PaWaIg7HfShGDNWbIh2O9qv_Bb0b-mqVK_zVlAIuaTy4v8DCC_3qdwuf9COmW-49ZJ6LrCIuQVOuOg-SjoXdt4xQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GAq4i0PaWaIg7HfShGDNWbIh2O9qv_Bb0b-mqVK_zVlAIuaTy4v8DCC_3qdwuf9COmW-49ZJ6LrCIuQVOuOg-SjoXdt4xQ

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEImDG7TeOTgzx89LFwnkvCg&google_cver=1&google_push=ARnp8GChwMDn9w3-oG1v4OwTUXh7xuHzvaJ7SJoeUFHLP44ZpKqzmSthDJuDMzueB6xJth-X9qzQdFa4CU0sNX7kba3XrzSGBNM9 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GChwMDn9w3-oG1v4OwTUXh7xuHzvaJ7SJoeUFHLP44ZpKqzmSthDJuDMzueB6xJth-X9qzQdFa4CU0sNX7kba3XrzSGBNM9&google_hm=lc4R1-Y64I56OS7Jd46AWA

Request Chain 166

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GADPSAkEA6i38JgsVj2__TAqdmwzAT9niiy-rYw782cVePJYLYiWLz3O_yZKenLnlsLS3yH4-PlJ46awxkT9jIcwfAiIm7u&google_gid=CAESEMxdTWBphrzCPAf2q-DZNt0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNPamd3QUFBSEpjb1NZRw&google_push=ARnp8GADPSAkEA6i38JgsVj2__TAqdmwzAT9niiy-rYw782cVePJYLYiWLz3O_yZKenLnlsLS3yH4-PlJ46awxkT9jIcwfAiIm7u

Request Chain 168

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEzSRt1M3uvygZ37XiTIoFU&google_cver=1&google_push=ARnp8GCv75ZRqRysFz9bmbEUQhAtM70-dlC9972jhmokWRRgeam2ibD07Cy8YwQLy4Vbh9FHxVypxtCI6b5XtL30ZVsjwM4IpvGL HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEzSRt1M3uvygZ37XiTIoFU&google_cver=1&google_push=ARnp8GCv75ZRqRysFz9bmbEUQhAtM70-dlC9972jhmokWRRgeam2ibD07Cy8YwQLy4Vbh9FHxVypxtCI6b5XtL30ZVsjwM4IpvGL&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l6Udwr6eRpCNFd1s8QhVFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCv75ZRqRysFz9bmbEUQhAtM70-dlC9972jhmokWRRgeam2ibD07Cy8YwQLy4Vbh9FHxVypxtCI6b5XtL30ZVsjwM4IpvGL

Request Chain 169

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENZ55bKVVoFbQmTEYLBHwqs&google_cver=1&google_push=ARnp8GBsk9d5LRWihBFRSUPIIlpx9iS9WbKDmw2gG9JI6aAvQLvha1TWT9vaRA5dEZy-9g_04WvSjEYmZvbDfYvjfn4SjyJpRxwd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc2MEYtMjUtRE05QQ==&google_push=ARnp8GBsk9d5LRWihBFRSUPIIlpx9iS9WbKDmw2gG9JI6aAvQLvha1TWT9vaRA5dEZy-9g_04WvSjEYmZvbDfYvjfn4SjyJpRxwd

Request Chain 170

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGoQ2YI1CQe4XrI_3JfZCv4&google_cver=1&google_push=ARnp8GCeS1lrkjvq4i0Ll5IKXAv7YezY2zHLdTcoevGRx4ZPqilysrKkhO7xTDxv2weJjl3FyLcqRnAus0Gztk30ScSRLHuh8z0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGoQ2YI1CQe4XrI_3JfZCv4&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GCeS1lrkjvq4i0Ll5IKXAv7YezY2zHLdTcoevGRx4ZPqilysrKkhO7xTDxv2weJjl3FyLcqRnAus0Gztk30ScSRLHuh8z0

208 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lb.ua/
Redirect Chain

http://lb.ua/
https://lb.ua/

78 KB
19 KB

324ms
260ms

Document
text/html

2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0
Resource Hash: 71fb27eb0ba355bbb56958e5d1af8c02347fd6f19f039e388d7f0a3ed2216481

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=300, must-revalidate
cf-cache-status: EXPIRED
cf-ray: 725cb58adec9f43b-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Jul 2022 02:35:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 05 Jul 2022 02:26:47 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ARR/3.0

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 725cb589bd20f3fb-LHR
Cache-Control: max-age=300
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Jul 2022 02:35:45 GMT
Location: https://lb.ua/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 ptsans.woff2
lb.ua/media/1537/news/fonts/ 104 KB
104 KB 202ms
201ms Font
application/font-woff2 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1537/news/fonts/ptsans.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "ab13d70428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58c7f7bf43b-LHR
content-length: 106704

GET
H2 200 ptsansb.woff2
lb.ua/media/1537/news/fonts/ 106 KB
107 KB 170ms
169ms Font
application/font-woff2 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1537/news/fonts/ptsansb.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "ab13d70428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58c7f7df43b-LHR
content-length: 109012

GET
H2 200 icons.woff2
lb.ua/media/1537/news/fonts/ 65 KB
65 KB 203ms
202ms Font
application/font-woff2 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1537/news/fonts/icons.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "ab13d70428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58c7f7ef43b-LHR
content-length: 66624

GET
H2 200 style.css
lb.ua/media/1537/news/css/ 58 KB
15 KB 202ms
201ms Stylesheet
text/css 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1537/news/css/style.css
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644340a6e6ad5297bcabd9912e0a644e7957e47dc86ff49c52a31bc0155ce339

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 01 Jul 2022 12:51:20 GMT
server: cloudflare
etag: "554c1d43498dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58c7f7cf43b-LHR
content-length: 15665

GET
H2 200 jquery-3.1.1.min.js Show response
lb.ua/media/1537/news/js/ 85 KB
38 KB 229ms
229ms Script
application/javascript 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1537/news/js/jquery-3.1.1.min.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "eb893670428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58c7f7ff43b-LHR
content-length: 38706

GET
H2 200 common.js Show response
lb.ua/media/1537/news/js/ 72 KB
25 KB 238ms
237ms Script
application/javascript 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1537/news/js/common.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "d3622f70428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58c7f80f43b-LHR
content-length: 25171

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 143ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f02cc3254f34513a4dacd336850ec26d769422f78a814e71abe2a5fd5d0803f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56480
x-xss-protection: 0
server: cafe
etag: 6478040951840807938
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 160ms
61ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

31e6c7b05dd655d6d4c59af29445a27887b8bb11eb156ed28955565190d249bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28046
x-xss-protection: 0
server: sffe
etag: "1264 / 721 of 1000 / last-modified: 1656713226"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 logo.white.png
lb.ua/media/1537/news/img/logo/ 21 KB
21 KB 168ms
168ms Image
image/png 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1537/news/img/logo/logo.white.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1537/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1537/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "5096d46f428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58e2859f43b-LHR
content-length: 21495

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/ 340 KB
120 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb63e0e6f5e6a87ad9cbd8e5b808cd5e9c55a922d394f0cd0618b0fb411bfaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122448
x-xss-protection: 0
server: cafe
etag: 8478231753573006430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 1351 10 KB
5 KB 153ms
45ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 16:02:30 GMT
etag: 10429905676100781186
expires: Mon, 18 Jul 2022 16:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sprite.png
lb.ua/media/1537/news/img/ 13 KB
13 KB 175ms
175ms Image
image/png 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1537/news/img/sprite.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1537/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1537/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "41e3170428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58e586af43b-LHR
content-length: 13544

GET
H2 200 62c287a2f2d2e.jpeg
i.lb.ua/087/54/ 35 KB
35 KB 350ms
203ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/087/54/62c287a2f2d2e.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 34e8190c3f46c8c94ca0e70d4401c912c85f8554e31a8e463e0b2fd365befa71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 06:24:35 GMT
server: Microsoft-IIS/10.0
etag: "d42ae5ba6e8fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 35427

GET
H2 200 62c3031f7f174.jpeg
i.lb.ua/077/21/ 57 KB
57 KB 251ms
105ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/077/21/62c3031f7f174.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: d3404f46df92e35dd258fbaffac09dc961e1baa88ccef7ba51ab687764b10fa4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 15:11:27 GMT
server: Microsoft-IIS/10.0
etag: "2d447355b88fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 58426

GET
H2 200 62211d74032b5_200_130.jpeg
i.lb.ua/074/39/ 5 KB
5 KB 302ms
156ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/074/39/62211d74032b5_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 03 Mar 2022 19:56:36 GMT
server: Microsoft-IIS/10.0
etag: "5da632ca382fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5527

GET
H2 200 62c344383d7ea_200_130.jpeg
i.lb.ua/105/04/ 10 KB
10 KB 359ms
213ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/105/04/62c344383d7ea_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 748689026ad60d8eb6cda232271cc556b940a72fadefc8f4ff56bdc852a5fdab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 19:49:12 GMT
server: Microsoft-IIS/10.0
etag: "16339822df8fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10165

GET
H2 200 62c307015186c_200_130.jpeg
i.lb.ua/055/05/ 10 KB
10 KB 399ms
253ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/055/05/62c307015186c_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a76db7fc5d2837f6e0d2c1c95623bbad9767816da7a88348471f0ea1b40baf26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 15:28:10 GMT
server: Microsoft-IIS/10.0
etag: "f83237abba8fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10024

GET
H2 200 62c346ee5d01c_200_130.jpeg
i.lb.ua/037/00/ 4 KB
4 KB 397ms
252ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/037/00/62c346ee5d01c_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 48f29262af26c4aa1136562fa7e9f07117cce454be01e73d0a2447be50335ec3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 20:00:46 GMT
server: Microsoft-IIS/10.0
etag: "55ed43c0e08fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3964

GET
H2 200 62c2fadcc8dc3_200_130.jpeg
i.lb.ua/121/01/ 5 KB
5 KB 287ms
155ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/121/01/62c2fadcc8dc3_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: b68e0685ed370e4ebb403301bf3d6b2e7d391b1c31cf6d0f01e74da5bfb00c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 14:36:13 GMT
server: Microsoft-IIS/10.0
etag: "8d6c1b69b38fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4934

GET
H2 200 62c331a78d647_200_130.jpeg
i.lb.ua/051/43/ 10 KB
10 KB 289ms
157ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/051/43/62c331a78d647_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: b90030d9d999a8c8ddf814de377a55700b1fccafcba9dc922234bc062a30adce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 18:30:00 GMT
server: Microsoft-IIS/10.0
etag: "907ac011d48fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9820

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 170ms
40ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2682
date: Tue, 05 Jul 2022 01:51:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 05 Jul 2022 03:51:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 152ms
48ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: TerCtYIy4jddrRzHcXuPebvnYP4iHWKMkoAoFgo3+pmkAxfA1b5JApxAbZ4bS9ij0zoBufOgPjeo9ozET6qtQg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 05 Jul 2022 02:35:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scrolltop.png
lb.ua/media/1537/news/img/icos/ 333 B
409 B 172ms
172ms Image
image/png 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1537/news/img/icos/scrolltop.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1537/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1537/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Jul 2022 12:02:29 GMT
server: cloudflare
etag: "d6eec6f428dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 725cb58e7876f43b-LHR
content-length: 333

GET
H2 200 62c2db626932e.jpeg
i.lb.ua/064/26/ 16 KB
16 KB 164ms
56ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/064/26/62c2db626932e.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 0198bcb2549a536f175807a93386df6c58c70cbca338a4cfb3b4ba311bd787db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 12:21:54 GMT
server: Microsoft-IIS/10.0
etag: "7c9d0a5a08fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16112

GET
H2 200 62c208436bcb1.jpeg
i.lb.ua/119/33/ 17 KB
17 KB 303ms
195ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/119/33/62c208436bcb1.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 0cc23550e9d2c71443943564ea832a2ab55003798ef53f9b21d8d9b175ec3cf3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Sun, 03 Jul 2022 21:21:07 GMT
server: Microsoft-IIS/10.0
etag: "b7f142cf228fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 17010

GET
H2 200 62c20837c64c6.jpeg
i.lb.ua/107/57/ 35 KB
35 KB 318ms
210ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/107/57/62c20837c64c6.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 5831f21088fb34e8bd5a19b5f6c5b74f090a7448274b9525c744f904ea0fd3fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Sun, 03 Jul 2022 21:20:56 GMT
server: Microsoft-IIS/10.0
etag: "f17a56c8228fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 36085

GET
H2 200 62c0af1683173.jpeg
i.lb.ua/019/58/ 15 KB
15 KB 261ms
258ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/019/58/62c0af1683173.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 1b438b915244cfb4e36474092f29529b78dd85c47101b54c358449eaa1204dbd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Sat, 02 Jul 2022 20:48:22 GMT
server: Microsoft-IIS/10.0
etag: "7cc2ac11558ed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 15258

GET
H2 200 62bf47df6278f.jpeg
i.lb.ua/008/34/ 23 KB
23 KB 278ms
274ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/008/34/62bf47df6278f.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 627ab27fb0f325c1c61574aba945ed3cf3dc1817a307237e769b014de111d960

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 01 Jul 2022 19:15:43 GMT
server: Microsoft-IIS/10.0
etag: "784ad3f57e8dd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 23262

GET
H2 200 62be9b7bcc074.jpeg
i.lb.ua/072/57/ 18 KB
18 KB 278ms
275ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/072/57/62be9b7bcc074.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a35fe2dad6c6e5e56573d1900c5fe97db6ccebabec5c3389d6b5ea2457f681af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 01 Jul 2022 07:00:12 GMT
server: Microsoft-IIS/10.0
etag: "8454c35188dd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 18090

GET
H2 200 62be03d0368ff.jpeg
i.lb.ua/107/19/ 21 KB
21 KB 279ms
276ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/107/19/62be03d0368ff.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f1388f86a4d80a585639c425ed44ffffd231e99cad07f33204650dbeb14b52ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 30 Jun 2022 20:13:04 GMT
server: Microsoft-IIS/10.0
etag: "a09755cebd8cd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21812

GET
H2 200 62bdfe9a96631.jpeg
i.lb.ua/043/07/ 21 KB
21 KB 280ms
277ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/043/07/62bdfe9a96631.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: cd937f8698192e0f5a73ffa2fb593c18e69d8808aa655ec0d49754ba65fc0ee3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 30 Jun 2022 19:50:50 GMT
server: Microsoft-IIS/10.0
etag: "cfe56db3ba8cd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21865

GET
H2 200 62be095921357.jpeg
i.lb.ua/000/44/ 21 KB
22 KB 281ms
278ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/000/44/62be095921357.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 511ebc630ecd5a15ea057ee711aef7e4cec5f2a98b17ed16133f6fc2be07d9b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 30 Jun 2022 20:36:41 GMT
server: Microsoft-IIS/10.0
etag: "4216de1ac18cd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21983

GET
H2 200 62bdfe2297272.jpeg
i.lb.ua/050/20/ 23 KB
23 KB 282ms
279ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/050/20/62bdfe2297272.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 618257c306984bbcebb7578b21d2c97249147ca3af3842514f58b1466e54940a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 30 Jun 2022 19:48:50 GMT
server: Microsoft-IIS/10.0
etag: "b395e06bba8cd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 23435

GET
H2 200 62bd54af28941.jpeg
i.lb.ua/105/31/ 31 KB
32 KB 283ms
280ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/105/31/62bd54af28941.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 2a89121fad8f54a95f893f9ed304ef1599da129c37fa87d8e49fe54dd743bccb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 30 Jun 2022 07:45:51 GMT
server: Microsoft-IIS/10.0
etag: "73b2ae6b558cd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 32246

GET
H2 200 60d4538a5f02b.jpeg
i.lb.ua/015/52/ 4 KB
4 KB 315ms
207ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/015/52/60d4538a5f02b.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: bc172828a6c179f7dbf8412af220f532bdddeb5fc4b8e0bd2a902ab26cafefcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Thu, 24 Jun 2021 09:42:34 GMT
server: Microsoft-IIS/10.0
etag: "38cb542dd68d71:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4020

GET
H2 200 62c2b700f1f8e.jpeg
i.lb.ua/021/46/ 3 KB
4 KB 317ms
209ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/021/46/62c2b700f1f8e.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: b0770f6728d6f04ff46e3079bdf9bf1e39e939f7bbfb307ce3365177aa1386df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 09:46:41 GMT
server: Microsoft-IIS/10.0
etag: "334688f68a8fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3574

GET
H2 200 542be17fa9b12.jpeg
i.lb.ua/024/35/ 4 KB
5 KB 316ms
208ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/024/35/542be17fa9b12.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 5c648f86bb8be9cdc13191689a39adf2bb4bc7db598dedac8ed5f18eaebc717e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Wed, 01 Oct 2014 11:11:37 GMT
server: Microsoft-IIS/10.0
etag: "80ba9a7768ddcf1:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4565

GET
H2 200 62ac87a8ea01c.jpeg
i.lb.ua/005/30/ 5 KB
5 KB 308ms
200ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/005/30/62ac87a8ea01c.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: cbe063ba788a33a4097f2697350fd7f5df06e4a39461a824bd4d43b783d704a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 17 Jun 2022 13:54:49 GMT
server: Microsoft-IIS/10.0
etag: "30f06bcf5182d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5382

GET
H2 200 62a839d33f77d.jpeg
i.lb.ua/003/12/ 4 KB
4 KB 286ms
283ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/003/12/62a839d33f77d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f9477776b9b7a62de4a8d847ac31c392b42d85727ef9aec9fc1fc06d2420fea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Tue, 14 Jun 2022 07:33:39 GMT
server: Microsoft-IIS/10.0
etag: "a694c710c17fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4513

GET
H2 200 62c2654253247_200_130.jpeg
i.lb.ua/050/20/ 6 KB
6 KB 303ms
207ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/050/20/62c2654253247_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 96096ea06ee3b15131acc2a2633144686421c604543ad1d5529cf14a5e05f9be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Mon, 04 Jul 2022 03:57:54 GMT
server: Microsoft-IIS/10.0
etag: "a5bc773d5a8fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5930

GET
H2 200 62bf396a9ef93_200_130.jpeg
i.lb.ua/117/35/ 6 KB
7 KB 304ms
208ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/117/35/62bf396a9ef93_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7a3651fcf2059877cf8bb6badbc0b6b3413a23b8ae5bc01c12ca6d60c9c23d7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 01 Jul 2022 18:14:03 GMT
server: Microsoft-IIS/10.0
etag: "49481f58768dd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6633

GET
H2 200 62bc5cbdde03d_200_130.jpeg
i.lb.ua/004/23/ 10 KB
10 KB 287ms
284ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/004/23/62bc5cbdde03d_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e78edeaad67d31825ebe75ae2b73b46cb5e85722ff15c7fedfc20eaef8e0d174

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Wed, 29 Jun 2022 14:07:58 GMT
server: Microsoft-IIS/10.0
etag: "79a1cca2c18bd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9827

GET
H2 200 6132451cc6f56_200_130.jpeg
i.lb.ua/126/04/ 7 KB
7 KB 288ms
285ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/126/04/6132451cc6f56_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 238fd6bfe33964e23029ec158e76214d7589a7600884a653e93875ead54aeff7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 03 Sep 2021 15:54:05 GMT
server: Microsoft-IIS/10.0
etag: "cdaa89ecdba0d71:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7153

GET
H2 200 5c751b327ac50_200_130.jpeg
i.lb.ua/038/43/ 7 KB
7 KB 288ms
285ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/038/43/5c751b327ac50_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f6fcf69eaea919957c31b5334a776c871f44e582871329c3481ec2817805288e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Tue, 26 Feb 2019 10:55:45 GMT
server: Microsoft-IIS/10.0
etag: "eab0ed3c1cdd41:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7227

GET
H2 200 62be75513eae5_200_130.jpeg
i.lb.ua/081/31/ 13 KB
13 KB 305ms
302ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/081/31/62be75513eae5_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: bff5f5758d357a94df2e367d007634dd6c37cf4a73f55ca9782b4cd54f7f0fc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 01 Jul 2022 04:17:22 GMT
server: Microsoft-IIS/10.0
etag: "e83af77518dd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 13295

GET
H2 200 62c1dbb3c5344_200_130.jpeg
i.lb.ua/014/39/ 6 KB
6 KB 305ms
303ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/014/39/62c1dbb3c5344_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 8ca47a4bc98cdcd01e877b6a7527f30f7facdd5abfbd1c10a6fdfec7aff55c85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Sun, 03 Jul 2022 18:11:00 GMT
server: Microsoft-IIS/10.0
etag: "6ee1f13f88fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5723

GET
H2 200 629b27dc8462f.jpeg
i.lb.ua/051/56/ 14 KB
14 KB 306ms
304ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/051/56/629b27dc8462f.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ca9dbead0e59dc1b0a4ddd418d1f75a9315b7aa917ac960082598d74e4e559c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Sat, 04 Jun 2022 09:37:32 GMT
server: Microsoft-IIS/10.0
etag: "6ab945b7f677d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 14526

GET
H2 200 629755a876394.jpeg
i.lb.ua/075/61/ 21 KB
21 KB 314ms
311ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/075/61/629755a876394.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e0b4c5775bfe5b011168ffc277b797b82b9e7da5b9b3370c83adb3bead1dc1e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Wed, 01 Jun 2022 12:03:52 GMT
server: Microsoft-IIS/10.0
etag: "a15e41a9af75d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21712

GET
H2 200 62550b07a9928.jpeg
i.lb.ua/010/60/ 69 KB
69 KB 318ms
315ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/010/60/62550b07a9928.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a5a04944a6c53bf8bf1929aa82141ec2a2d58ef3e5ce9cf9679fea3f2b548967

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Tue, 12 Apr 2022 05:15:51 GMT
server: Microsoft-IIS/10.0
etag: "f218f9602c4ed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 70275

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
462 B 52ms
51ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lb.ua&callback=_gfp_s_&client=ca-pub-6096932064585080&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3757f28598f9489bfd828141c58629b297df880d711d2030570534218e083dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
792 B 206ms
53ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=lb.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 190ms
60ms Script
application/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flb.ua%2F&tn=DIV&id=popup-donate&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3AAA 44 KB
2 KB 168ms
82ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1656988007&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16777344%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546264&bpp=3&bdt=283&idt=156&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1518414470042&frm=20&pv=2&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9ba5ee7707869fcbb967803fd198a135a929dad8aa818779bd12c70abc9c38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 2061
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B4B 82 KB
30 KB 311ms
249ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1656988007&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546279&bpp=5&bdt=298&idt=185&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=s9azpUNvO0&p=https%3A//lb.ua&dtd=190

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

456d6ec26a88521359746619f76b76a252a817ac9149af2890e22c80ad602d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022062901.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 127ms
39ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

087afccd6c529e8c66aaec7f26a26ede8a95bb869d3441fbfe53057022f84488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130855
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 08:34:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jul 2023 13:52:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
86 B 134ms
48ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 806C 72 KB
28 KB 336ms
289ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=1289157958&pi=t.ma~as.8605697088&w=300&lmt=1656988007&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546290&bpp=14&bdt=309&idt=191&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=1783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BSqvuacuL7&p=https%3A//lb.ua&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7815453f504db28fd39f157aacb633929dbfebe8b5de0696b55deb7927c31734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29023
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 440471506375777 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/440471506375777?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

505d6011800f904e9ec090292703f31de4ca886b45b9bfb28027a58809bc26a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85581
x-xss-protection: 0
pragma: public
x-fb-debug: 8Vu8OF9xIBXWcCHx1/GmGdb7tee6DRWArDjbeu9eNU0wBHHYmHsjN+OMt0hHhXx13/UD/Dz+axRd227U/3UBJg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 05 Jul 2022 02:35:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.ae/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=277346405&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405
https://www.google.ae/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405&slf_rd=1&random=2288437283

42 B
501 B

139ms
48ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ae/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405&slf_rd=1&random=2288437283

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.ae/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1359141589.1656988546&jid=70126054&_v=5.7.2&z=277346405&slf_rd=1&random=2288437283
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DAAE 88 KB
32 KB 314ms
314ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675a6507061707a6816534c0ad183bbeac908395301be21c14564b8362e22440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33021
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0D8 72 KB
23 KB 342ms
341ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2e7e445cd4008d429b96b216be70f43b5749b580d0356774b5bc7a8247f116a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23691
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EF7 24 KB
11 KB 270ms
270ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5d8267d0aec69b247572847bbee43a2bb731d5b9f1a047ec1d50c1bd7022f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11570
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 120ms
40ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440471506375777&ev=PageView&dl=https%3A%2F%2Flb.ua%2F&rl=&if=false&ts=1656988546716&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656988546715.376393062&it=1656988546499&coo=false&exp=p1&rqm=GET

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 147ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=lb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 155ms
63ms Script
application/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=926829183162149&vrg=2022062901&nw_id=609136589&nslots=1&eid=31068158%2C31068295%2C42531605%2C42531607&pub_url=https%3A%2F%2Flb.ua%2F&sig=0&req=0&req_cnt=1&dm=8

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 402 B
244 B 232ms
232ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=926829183162149&correlator=2864691328284758&eid=31068158%2C31068295%2C42531605%2C42531607&output=ldjh&gdfp_req=1&vrg=2022062901&ptt=17&impl=fifs&iu_parts=609136589%2CIndex.300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=7&adks=2119600922&sfv=1-0-38&ecs=20220705&fsapi=false&sc=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&abxe=1&dt=1656988546748&lmt=1656988007&dlt=1656988545981&idt=747&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Flb.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8e37ab0a50ace4e40479109e71879fee0e712b58a49be043cb9b2be3cbe02a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lb.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE87 6 KB
4 KB 175ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062901.js?cb=31068295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:46 GMT
expires: Wed, 05 Jul 2023 02:35:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0B4B 4 KB
1 KB 138ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1656988007&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546279&bpp=5&bdt=298&idt=185&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=s9azpUNvO0&p=https%3A//lb.ua&dtd=190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 01:23:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 02:35:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 0B4B 2 KB
983 B 238ms
144ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:53:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B4B 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWL-GgqPDYtXkIofv7gOLkKoQgfzrjmmOwciL3Qygh4DskAIQASCV_JIlYJEGoAHixeXNAsgBCakCkbNqYmgbgT6oAwHIA8sEqgTfAU_QIuirF9NGkKmPPDP6h_njVwVpKB3ks7J7oNQQ5r-XSEZC9XxAbd2Pd5at5mQtMibgUTRgAJVI5umhdlDFx-oUGYIDlf7vKC-90b7fvFhey8TB3h_TFrcSEkon97Xj5CrD7_exsx8eDX-tneY1oaPZ0p6xpj1A548MKsJScU8mXnCMhnwK-SsXABXWK5v7J5mHl2C1EeLtYAyPdqRy75d_6M_dIfVpZ6mBe-T4bV9N_I1RQaOKNFOQRQqev2mpy0_agEDf4HftI698JUoqK4r3tZFGW19IV22W3yxhW6jABMqOr7WmA5IFBAgEGAGSBQQIBRgEoAYugAeGupqyAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKCFAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEw2IFAnQFQGYFgGAFwGyFxwKGggAEhRwdWItNjA5NjkzMjA2NDU4NTA4MBgA&sigh=OfS1a4Z8uyA&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1656988007&psa=0&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546279&bpp=5&bdt=298&idt=185&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=s9azpUNvO0&p=https%3A//lb.ua&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5145556398221511991/ Frame 0B4B 1 KB
1 KB 175ms
82ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5145556398221511991/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9b728c58156d1313a57943dd4870f95eb74787caef9f2346ed7716ea52bf22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:03:28 GMT
x-content-type-options: nosniff
age: 37938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1182
x-xss-protection: 0
last-modified: Tue, 19 Nov 2019 10:00:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 16:03:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8537237569461370676/ Frame 0B4B 12 KB
12 KB 176ms
83ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8537237569461370676/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f7bc74f9a90167fdbc4057f4115c922ff513705a84a0a75b643227ce66ce954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 19:18:37 GMT
x-content-type-options: nosniff
age: 26229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11947
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 10:51:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 19:18:37 GMT

GET
DATA 200
OK truncated
/ Frame 0B4B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 0B4B 21 KB
9 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:04:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 0B4B 3 KB
1 KB 167ms
81ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:36:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B4B 138 KB
43 KB 131ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 0B4B 17 KB
7 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:51:44 GMT

GET
H2 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 0B4B 31 KB
13 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 806C 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8ryfgqPDYoXeIsiXgQfGtbCgCL-71MdogOmMv-oPofzY1cIgEAEglfySJWCRBqAB1LiGyALIAQKpAuFd5P5WRZI-qAMByAPJBKoE7wFP0GoCLqUVpgwHV5q7RdPnzOfwwNhOsVZ5JNwS8t5MMy0uxnSKCD74RAAD2EBQ95Ke6i8-2DUmQ0TXYkqNeVgG3iNkJDUBWdtFe5OO6eGEugmIOKH2MRHSuoX7CXssBy3URirp0nF0HElF0jKiseD1t2wpWNwFDO6Lgc0PrFFj48jbxn2WFlkq6RUqyAu14banwikMMxG5hxYT5_gaC9ipHw_uT-UhsCiPYodwqX8nD9-1Sy9iTkcjsaGNgoDHYS4rkEhR_MDX_RumGdvwK87x0_1tnUD9P5KV2slS9mBFFRfKpm2VpLU5oboJQmf_48AE57qHtOECkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5TH-bcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_p0C0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTYwOTY5MzIwNjQ1ODUwODAYAA&sigh=uYgPBlmLAuo&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=1289157958&pi=t.ma~as.8605697088&w=300&lmt=1656988007&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546290&bpp=14&bdt=309&idt=191&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=1783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BSqvuacuL7&p=https%3A//lb.ua&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=1289157958&pi=t.ma~as.8605697088&w=300&lmt=1656988007&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546290&bpp=14&bdt=309&idt=191&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=1783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BSqvuacuL7&p=https%3A//lb.ua&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 05 Jul 2022 02:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 168756371096641459
tpc.googlesyndication.com/simgad/ Frame 806C 82 KB
82 KB 146ms
93ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/168756371096641459?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qluRF7Lnj8M9fwwrsyj1NOJViKb0g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcf1f7cad59ff71bf79987b8e244a4cff6a8b59c9c35ed4644e1939e0b3d973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 20:28:58 GMT
x-content-type-options: nosniff
age: 194808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84066
x-xss-protection: 0
last-modified: Thu, 23 Jan 2020 13:43:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jul 2023 20:28:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 806C 21 KB
9 KB 96ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:04:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 806C 3 KB
1 KB 193ms
143ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:36:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 806C 138 KB
42 KB 145ms
94ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 806C 17 KB
7 KB 129ms
79ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:51:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 806C 31 KB
13 KB 192ms
144ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 19:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 19:23:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2357 143 B
163 B 38ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=1289157958&pi=t.ma~as.8605697088&w=300&lmt=1656988007&psa=0&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546290&bpp=14&bdt=309&idt=191&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=1783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=BSqvuacuL7&p=https%3A//lb.ua&dtd=194
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 01:50:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BD0C 624 B
297 B 58ms
58ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGJf9sskBMAE&v=APEucNUzyXBYg-iDOkAIz8XNp8Lt5fnhqRjVaSd7la1zRF1HiCjcBMYQjV3bAK-UNqfyEVl23nRCy9-67Vj_6JNLHViK8ns_6g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0839 27 KB
16 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAXcHDF8Zj91pfp1ccVnIkNPTEjQjFHtusP7TxiSAj2UfMMcb7IItztqN9kPCoHJx14XBNbPZaCwoKHAYQ4hao_6iPGDKrtPAd0AxjNcrC71v6sYRsqPTorLRRUVBWLixeltxE4NgVFFmWrhIuAVddBU2DkQ&cry=1&dbm_d=AKAmf-B3CzdGUAUU1wzDFzd44QNudrakqPo51Xxa7qEIh6f7lvoOYRbrEaITuIJWQLzGl_2rbmRY7BREc59nEKoy3KkM0hKCom8MyBNkQEi5ZqNAMIfarY8vGEahD1W3DVQUacL0fIuFmJWW2VHVStcQYn6Z9OtJzf7p5-tQoetZFuCjMSWRXTdHBWcSB7sdeFxGo5ujuhQ8ApcLKB3BXlBS0RU44qpZ3sgBYQAqgDKaK2lQ-SHIJ0LNftHr-UN07bL4S-sy8MFJDnlh8wpX0dlkCPd4D7sfxjNe2crp5yaxNJr1dCUnwJKBzjw31919c6sVA4T-3GC4io83PaJ_Ld0QJmckWKB52sVMlmE0rYYP9WIgzueurQlTo-cSnviPGsgouXZRcMDMgsDXofNbiKZVJlJw_qZi1GHZ0Pg9TKixCliP_j7Yu4x9D578fzC2vt83v_SlXhkEu3_AtvJiwYWPnnbjtw3Zih78W8YNPuVrMbXF82nlhmZMHshuLecYSj9MobL46KmvkRWcTFtul7ZPcQbIlomRSCkshiux69x8sgCbiuhd-w5lAqPzfuD6Dfu1HajruF2qNHDCRFYu_NKomCAxGEHQLKMJw5brlRTOzxAq0WtnMSq6uyZR13Lq2WbpWKELlL5J7GLMg-Q2Tfluw0jobShHcyyZP_Vbcy0W7Zlsddljd-3wnS8p4YN44H8Un5itenPijqj14f_YwJ_g0veXHc7e_rk0SCLl4X2qzT41xcI64KWFKX442-0KaceDOZf69Qk7qLPz_EPLoeo_4g4IYZ3Gox6rZSrW3jPvTREDsY23d3NOh7qVUy3eBLnCs3tTAep_zabPnyfHsrcHFsH8oK9TNipQyIt5uqVdeHvdU_cHRwybdcLvWfWfvp5mk4FRE82i6gArL7DgHU5F7tK-JXoZzQhfHxUVxiJ2LV0meBvkelSB5otYWgUTxq6gVfZNcRZbfbT32nxvFOVH1JD4oEETd6BJhfjCoQG4EMm3fxA1Ak1MPEh6JsoVZtwvOmkKZULSpJ75g4RgKpKW9NMjf6ZRYNOH-tDazeE6rEMGZdVCiov6s2IaarrdsEAWOXRCzVVPUPTuYcpCo_y9SoAdFL6CRE3jShn1j0VLX2Eg_FFLJsELvqtV0dEq0phSskvJ7J-oj3fXI8b-FUT3JiH4Re1X9hDhqRZgRFW0P4VoVlUkIeaywRDKJxPXifLxWbhLJgP7vwypcYI4u1YeaQDcxNsP7kuyhwpfo57gqvC2RnF5yHmCfMP4ukXxWXgSo8tRFsv5bWX7iA4XgZ767tg29ND-5Hkvch4O8dq6lG3WFgk2x23XspLphr-ANSnTY3k5VsVryXzq-8fbqmJRQuGZlZ3MaUymcOzUXL35rGDHqRHgsYcDoZAxrVFDrQJc2vOc4Ev7qAlCMNjlyGGyOBhG6KK0cG3zX6Q36CweOx0FkohsrTzUF-6YEH0FG9wFRu_b1QmsEZyCpnE8798taVj3iCC_WcH9PUT5c06hNEsyPgPa3pn6E-a_ujM0vch5n9bEFYgz3SHw_cOazb3goxgAAC6a_PCB6Ya6-iaB62QJYWloEmkWN823MzHRXV5_e9GsNfY5hgzn-qLDvT1iD6IhWGY0oxAXTTHUnFsQgN5TEzCFnuLaU-Pz5X1MApFxHR_6JiZS7DKLaf7AVjkCumrWLizkyFh13WEgh_IjFuEBuGeE_zfQjaI1w56vyDHrSVZUtLckz-sJIxenifwETp0Rt4dmwWaPjV4-7krr8ZQ5_SsEMNtwVh7ml5HA_jssB-_qFtN-2MwmsbgKYMVx3Gj6IE22hodVr_tDkU0i6Zg3ceZU4S46-tAyJ4qe5aBBNu0BbRHPa2LkAFZ-s1q1IcETL9gsb7aVwLwIj5AKdJBHOcKQbEc2YA_348k7no2Aoreb6YQHDGuL1drwO1R5ioopmktKYVnGJCGrGRmYUAZweXYGsdKJ00THtx1s3DNaO_JMxYlJzni-ztBtolbXGQau2d5paW0Am8_yfrwz21Y7KGc8KL1satSmucwUny997hzdKhVrqVV92UyQOfDljJVVM49FEhP9ZSBDnS71d9l68pA5Iaz8iFJd-V0cWI0dUHzhURhnkHIawxKNL5WUh-KqTvHpnIG_YuswvYBuUU0KB5BRt3LTAn0-770ekWTvkmkp7_cYVB3f-GR2y_qc5ds9sjKpR-GOlc4U0I2AE1NCqVJSsHDN65xJrrAFBY6yaHsXrEVEJ0XCEX7EpXlqCKx-aZrQln9955Pbpvx1YGFBV-n60_BxtjILL-ifb2hVw7N51PYETTmFIq1EB86JKSPVjkcKMwvgmnQwOolIydOdSCUmlFlU9CDOzfA8ZPHFwdnN8CLiwob2TPfztqEzGEg24VSjyzO_aISCQfGcEWNYJfgBm_eJKQ_eZb1wVxKcko0l2nRwXzblxjeyLryRCodNfHLDug8z-fxaS1X6dPBhCiBFmK0AOaCPz-yDiYZU54t3dTkhxOapyAHvx7Pz87KNLAfSm5ZBj0JXPdzs08niW8A-Jiwks38YumRyhrvigFGNmIGPYwdE-vWg-NmwhUURozwaL0g5dvV806b_NKcuRUHQzNe1JyVASt6-g_19K4BTvW8L32n-Fla1VjKqIxMiWp_6NYpIksjI1v-3HT-B8nmAygcfmqL9xh9Z__mKSGDcxyzYIFB7Az_8i5rEYIOLQ3bAyP1y0njsCw3ZIFeCXiBL4zdaQzB-5vdFchWp5z6wcFdivQirzBbhsCQgneVY5ZzhgRjDp5HURniJZNCieRdqEUtQafAk5pOoPjOm4cAz38skkaocKyzhHNHxMCIcebnHCygAl2tRLoY0cRWrVZN59845hPShG9xXn9XGSIRT7BadP1gQo9gSSmpP1eR8-5jy5oi90upovxo1qkajsy9KOnBOd50uE-H0PpoXbizTfSDmppydIFJ1Yh9QN6f3GrgiNahuH9H5dQK4v8QZh8Tw2_CBl7l5Quv85yYzkhRj60JGGQAQ3xcwCj0qdN1uyQE2jefiEpgtc2SoBY6UxlkGaecK3ZsiCXseQMi2CLw6MI0BE74Xm3OULa3BNEgv1SkJPjVmhzy2317SJ-_hE6X-nObuQZupl5SMZK6xCsOCz34gKZvdJ8xZFSkjrU6FbFjU7PTd0dX3S4Ot0QL6Cekgf6KWmEQAXtNuc8jI8bW1XfQupqzhM-mo89qkAPvKbWXDpbBCG7aK_TkDs4mqRlCn1wFlFZfig9_CTrd59N4CP0uAAvtMT8ziaPLp89jkdJnFgonWmXvvUEin9El9RAL3SlGIrFi5HuV35BZPnXj8PqDTFqMaVCjRvKygsidsgMAc_CC725SpHn0R2uqd6WutppeBl9UBBdOaTaecMMHxEYynJLjiR1UQtcK6TwRVUFQzZxQdl_wd88oLUZ0Q4mqg-v1LteHPMYXacVidmh11iY_2QYXLCl5S_93461bSWttFeivc9vEBNkgz9sYcaiRB1zaUEfcVGYoG60MZiM-u7CJPZupEW03Ymc1wTJsq3NQEPc1lx--dOw7cVZG7gXiqFMr1k1K8A14x8mO0TCEKhm-L7MI1FQN4QebXWUQFtFCpUDG5TKeOUgDQOZTOxsXt3IzkY_jJbjjPA2MJzYY49dzytbG_PovNcjSheSZaSUoEtZ48rwuR324B3xTHxaXrMnhrjS6xI9QHfOTKUDiDVDUBBnoMaAn7TzD71YvbHq89EC4aPgARoLgv2bnJ0cIYvnuEEd0cRzIVqKBiRYXWQutS&cid=CAASJORoEIAcAddeJ17CZ-CT5360GJFT-uu-Fd53tF9kXxs9Nuxmkw&rfl=2%2Chttps%253A%252F%252Flb.ua%252F%240

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ed75940da2c503503d495cae24d721a011a9aba586630c5c8335cb3cfccc3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0839 23 KB
9 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 05 Jul 2022 03:11:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 0839 3 KB
1 KB 151ms
73ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0839 138 KB
42 KB 127ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 0839 17 KB
7 KB 122ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:51:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0839 0
0 124ms
45ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQTke_yjJGIAcgaIa-QHKVw9Dp5zpu9ltJ0b-TooosEAs_NyeL92rv03O7KbjlAXae0CYBC1eLQv4_P_VttYbc-9dBqQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0839 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGsu7nuJuxMIMvPRnkFJZASPPoL2a1n5QzigeSG99Tepkc3PMsZPJ-iBJrII3eWf5-uOgQhDkyguPqzMqGdnmTBqLnR4QSa4c4nTX3I5tfftHFWPI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DAAE 6 KB
672 B 126ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 00:36:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 02:35:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 02:35:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame DAAE 2 KB
902 B 106ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:53:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame DAAE 21 KB
8 KB 82ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:04:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame DAAE 3 KB
1 KB 48ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAAE 138 KB
42 KB 107ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame DAAE 17 KB
7 KB 70ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:51:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DAAE 0
0 59ms
46ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROnG508Qnprk-xzO30VmeIB6JJhDSgttwqgu0WIRioUYqESJJlNxls4Qoh7ww8r3n5Qy7LOydcf7YTc3LU0ohMEY-Mog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame DAAE 31 KB
13 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

GET
DATA 200
OK truncated
/ Frame 0B4B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e590c2b7889ff95626b9345381bbf2cef0100f34af786fee9cfee094bc1825e2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DAAE 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdjYvgqPDYq7bK5Pax_APvMaF2AjA8unYapLL3Ii_D-y3ndDcMBABIJX8kiVgkQagAePzxqsCyAEJqQLanp8HynuxPqgDAcgDywSqBOEBT9CFCwjNRdTJTjUT2-NuiDzP3Sc8Fu5DgHkmaDwo74yMFSItZxd1R6eU4SOUb-7MEpJTitiOen_ePlixEwymk-69k5CuoDaKVwvzCr3Hh-w3IcxyFQqnERxeIbYZM1v584W_iOxWh6KYT3HYKtQfvGalGr11IxZ7JEvBHP0F7a886bF9ppv_IXtNGx3Zb2wGh8lz99Y0L7FmZ3AEa1O58HdGB5uxxnc3ycuyvhMjAhJmigNb6mo6CCZ37JozwtybJj0uebGkzRI5YoRAaCb9tnZywxit7K-OEbSWsyRogkdhwATtwobGgASgBi6AB4WMudQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqLoD0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi02MDk2OTMyMDY0NTg1MDgwGAA&sigh=3Kv8orESODg&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 05 Jul 2022 02:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8936157577690916964/ Frame DAAE 35 KB
35 KB 77ms
75ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8936157577690916964/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea2a493562c7f71e4aac2c587ccb31ec493b1cc15c85dfc912e5abb73f2aada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 00:33:41 GMT
x-content-type-options: nosniff
age: 352926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36093
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:02:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Jul 2023 00:33:41 GMT

GET
DATA 200
OK truncated
/ Frame DAAE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2357
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

73ms
71ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 02:35:47 GMT
expires: Tue, 05 Jul 2022 02:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 02:35:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E0D8 8 KB
892 B 82ms
53ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 02:17:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 02:35:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 02:35:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E0D8 2 KB
902 B 72ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:53:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame E0D8 21 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:04:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E0D8 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0D8 138 KB
42 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E0D8 17 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:51:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E0D8 0
0 49ms
48ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDB2gaNDgG81aeUvhxHis5tsNUYEaQAofJV6o7UZs9SU5BRxuBPU2nQPwpVOqCdDEHx0a5ZPpp-iiJpeSAt3HZv3j-3A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame E0D8 31 KB
13 KB 83ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

GET
DATA 200
OK truncated
/ Frame 806C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2af70c54b67fe0859b1d9e462b23c50e7d57bdeb7e69f72bff95c904e7372ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BD0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&C=1

43 B
951 B

196ms
196ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGJf9sskBMAE&v=APEucNUzyXBYg-iDOkAIz8XNp8Lt5fnhqRjVaSd7la1zRF1HiCjcBMYQjV3bAK-UNqfyEVl23nRCy9-67Vj_6JNLHViK8ns_6g
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 725cb595eefb8926-LHR
pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na4cg9gQ05N25az3Ed3fn%2FoD%2F1Ybt7z3Mn4ay447w1HZ5qd9rPQbL2WUKNCEkE%2BqxJXtF3Bzxm7mWZSHEuKSjehUYlKR371vxxf5J7xX%2FTkWAzTMjKA6%2B%2BNz3rY70%2FYy437oR8LfSPfl%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vHvQyaTdUTcKakIeKP4pTlw1bs3Pqiv3oUT9mPUoNkz1RtPwHc7cR7mbjjzK7BIQkxDkRZ5KhiZVdEOfTIOnnUIArUE3CLWS5enPN3sJdSmI%2B3JAMbDpQo2ZuAYnHLFovBQGNhZZKEmJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&C=1
cache-control: no-cache
cf-ray: 725cb594aba67583-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BD0C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsOjg2G.u1iSvj9lapdBGAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&google_hm=2

43 B
911 B

564ms
564ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGJf9sskBMAE&v=APEucNUzyXBYg-iDOkAIz8XNp8Lt5fnhqRjVaSd7la1zRF1HiCjcBMYQjV3bAK-UNqfyEVl23nRCy9-67Vj_6JNLHViK8ns_6g
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 725cb5992ab08926-LHR
pragma: no-cache
date: Tue, 05 Jul 2022 02:35:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFZNHHJ1L7J1LOI4b%2Btr8PcL7ZbKAwwYJULCztECzLheJt9z2nu2u0u%2BeA2UsvBcmgGNMXXkkrMzb2NCqK4TKJsevf%2F3Tw4%2FIUMFSzhpKxBG1m92uFRQ%2BoV46M7Q9Di5zzvYaGfR40L3JA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgOzhFrfUOno0nBGQGYWIo&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BD0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJeOiyOiiqmhdgjSRkv6j90&google_cver=1

43 B
1014 B

83ms
40ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJeOiyOiiqmhdgjSRkv6j90&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGJf9sskBMAE&v=APEucNUzyXBYg-iDOkAIz8XNp8Lt5fnhqRjVaSd7la1zRF1HiCjcBMYQjV3bAK-UNqfyEVl23nRCy9-67Vj_6JNLHViK8ns_6g

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Jul 2022 02:35:47 GMT
X-Proxy-Origin: 5.187.21.102; 5.187.21.102; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 24706ab7-c7ba-451e-b0a6-11347ed2831d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJeOiyOiiqmhdgjSRkv6j90&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD0C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2MjU2MzU5ODc3MDU3MjIyNA%3D%3D

170 B
188 B

64ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2MjU2MzU5ODc3MDU3MjIyNA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Jul 2022 02:35:47 GMT
X-Proxy-Origin: 5.187.21.102; 5.187.21.102; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2f20b762-28da-485f-8c23-8d846305eb2e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2MjU2MzU5ODc3MDU3MjIyNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0D8 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwcGWgqPDYqmJLLCzx_AP9KGVqA_A8unYapLL3Ii_D-y3ndDcMBABIJX8kiVgkQagAePzxqsCyAEBqQI6ynDYp32xPqgDAaoE4AFP0BxCw4tGKnJ1EeyKZCdffEZQIcHiW80MMIOtL8HyCNCHHEbnut2rCxuyprUtvR4N-rju2uPaXBF2NrLjD4taEXJLPFPL6Ph2IosTkcObTDCiurGpthyu7vGbeIlLYcasid7A-ro3_fyWj2rC2pK64C2nBAjcc9j7CUe_u_68gP2g97e9gqSCr4DERziEIuw412_2AQ5HuNTqGEPUaqZNfj66gWFjEtwlluZzyK5YPhXlIGmIhVN5412eUI_Pr8a44Ud0ROn07wknrxRG-sPcGbqa-jKHc6KroMCBu3sNRMAE7cKGxoAEgAeFjLnUAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMfNAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi02MDk2OTMyMDY0NTg1MDgwGAA&sigh=bZrpjCRBL_0&uach_m=[UACH]&template_id=5020

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 05 Jul 2022 02:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 0839 27 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAXcHDF8Zj91pfp1ccVnIkNPTEjQjFHtusP7TxiSAj2UfMMcb7IItztqN9kPCoHJx14XBNbPZaCwoKHAYQ4hao_6iPGDKrtPAd0AxjNcrC71v6sYRsqPTorLRRUVBWLixeltxE4NgVFFmWrhIuAVddBU2DkQ&cry=1&dbm_d=AKAmf-B3CzdGUAUU1wzDFzd44QNudrakqPo51Xxa7qEIh6f7lvoOYRbrEaITuIJWQLzGl_2rbmRY7BREc59nEKoy3KkM0hKCom8MyBNkQEi5ZqNAMIfarY8vGEahD1W3DVQUacL0fIuFmJWW2VHVStcQYn6Z9OtJzf7p5-tQoetZFuCjMSWRXTdHBWcSB7sdeFxGo5ujuhQ8ApcLKB3BXlBS0RU44qpZ3sgBYQAqgDKaK2lQ-SHIJ0LNftHr-UN07bL4S-sy8MFJDnlh8wpX0dlkCPd4D7sfxjNe2crp5yaxNJr1dCUnwJKBzjw31919c6sVA4T-3GC4io83PaJ_Ld0QJmckWKB52sVMlmE0rYYP9WIgzueurQlTo-cSnviPGsgouXZRcMDMgsDXofNbiKZVJlJw_qZi1GHZ0Pg9TKixCliP_j7Yu4x9D578fzC2vt83v_SlXhkEu3_AtvJiwYWPnnbjtw3Zih78W8YNPuVrMbXF82nlhmZMHshuLecYSj9MobL46KmvkRWcTFtul7ZPcQbIlomRSCkshiux69x8sgCbiuhd-w5lAqPzfuD6Dfu1HajruF2qNHDCRFYu_NKomCAxGEHQLKMJw5brlRTOzxAq0WtnMSq6uyZR13Lq2WbpWKELlL5J7GLMg-Q2Tfluw0jobShHcyyZP_Vbcy0W7Zlsddljd-3wnS8p4YN44H8Un5itenPijqj14f_YwJ_g0veXHc7e_rk0SCLl4X2qzT41xcI64KWFKX442-0KaceDOZf69Qk7qLPz_EPLoeo_4g4IYZ3Gox6rZSrW3jPvTREDsY23d3NOh7qVUy3eBLnCs3tTAep_zabPnyfHsrcHFsH8oK9TNipQyIt5uqVdeHvdU_cHRwybdcLvWfWfvp5mk4FRE82i6gArL7DgHU5F7tK-JXoZzQhfHxUVxiJ2LV0meBvkelSB5otYWgUTxq6gVfZNcRZbfbT32nxvFOVH1JD4oEETd6BJhfjCoQG4EMm3fxA1Ak1MPEh6JsoVZtwvOmkKZULSpJ75g4RgKpKW9NMjf6ZRYNOH-tDazeE6rEMGZdVCiov6s2IaarrdsEAWOXRCzVVPUPTuYcpCo_y9SoAdFL6CRE3jShn1j0VLX2Eg_FFLJsELvqtV0dEq0phSskvJ7J-oj3fXI8b-FUT3JiH4Re1X9hDhqRZgRFW0P4VoVlUkIeaywRDKJxPXifLxWbhLJgP7vwypcYI4u1YeaQDcxNsP7kuyhwpfo57gqvC2RnF5yHmCfMP4ukXxWXgSo8tRFsv5bWX7iA4XgZ767tg29ND-5Hkvch4O8dq6lG3WFgk2x23XspLphr-ANSnTY3k5VsVryXzq-8fbqmJRQuGZlZ3MaUymcOzUXL35rGDHqRHgsYcDoZAxrVFDrQJc2vOc4Ev7qAlCMNjlyGGyOBhG6KK0cG3zX6Q36CweOx0FkohsrTzUF-6YEH0FG9wFRu_b1QmsEZyCpnE8798taVj3iCC_WcH9PUT5c06hNEsyPgPa3pn6E-a_ujM0vch5n9bEFYgz3SHw_cOazb3goxgAAC6a_PCB6Ya6-iaB62QJYWloEmkWN823MzHRXV5_e9GsNfY5hgzn-qLDvT1iD6IhWGY0oxAXTTHUnFsQgN5TEzCFnuLaU-Pz5X1MApFxHR_6JiZS7DKLaf7AVjkCumrWLizkyFh13WEgh_IjFuEBuGeE_zfQjaI1w56vyDHrSVZUtLckz-sJIxenifwETp0Rt4dmwWaPjV4-7krr8ZQ5_SsEMNtwVh7ml5HA_jssB-_qFtN-2MwmsbgKYMVx3Gj6IE22hodVr_tDkU0i6Zg3ceZU4S46-tAyJ4qe5aBBNu0BbRHPa2LkAFZ-s1q1IcETL9gsb7aVwLwIj5AKdJBHOcKQbEc2YA_348k7no2Aoreb6YQHDGuL1drwO1R5ioopmktKYVnGJCGrGRmYUAZweXYGsdKJ00THtx1s3DNaO_JMxYlJzni-ztBtolbXGQau2d5paW0Am8_yfrwz21Y7KGc8KL1satSmucwUny997hzdKhVrqVV92UyQOfDljJVVM49FEhP9ZSBDnS71d9l68pA5Iaz8iFJd-V0cWI0dUHzhURhnkHIawxKNL5WUh-KqTvHpnIG_YuswvYBuUU0KB5BRt3LTAn0-770ekWTvkmkp7_cYVB3f-GR2y_qc5ds9sjKpR-GOlc4U0I2AE1NCqVJSsHDN65xJrrAFBY6yaHsXrEVEJ0XCEX7EpXlqCKx-aZrQln9955Pbpvx1YGFBV-n60_BxtjILL-ifb2hVw7N51PYETTmFIq1EB86JKSPVjkcKMwvgmnQwOolIydOdSCUmlFlU9CDOzfA8ZPHFwdnN8CLiwob2TPfztqEzGEg24VSjyzO_aISCQfGcEWNYJfgBm_eJKQ_eZb1wVxKcko0l2nRwXzblxjeyLryRCodNfHLDug8z-fxaS1X6dPBhCiBFmK0AOaCPz-yDiYZU54t3dTkhxOapyAHvx7Pz87KNLAfSm5ZBj0JXPdzs08niW8A-Jiwks38YumRyhrvigFGNmIGPYwdE-vWg-NmwhUURozwaL0g5dvV806b_NKcuRUHQzNe1JyVASt6-g_19K4BTvW8L32n-Fla1VjKqIxMiWp_6NYpIksjI1v-3HT-B8nmAygcfmqL9xh9Z__mKSGDcxyzYIFB7Az_8i5rEYIOLQ3bAyP1y0njsCw3ZIFeCXiBL4zdaQzB-5vdFchWp5z6wcFdivQirzBbhsCQgneVY5ZzhgRjDp5HURniJZNCieRdqEUtQafAk5pOoPjOm4cAz38skkaocKyzhHNHxMCIcebnHCygAl2tRLoY0cRWrVZN59845hPShG9xXn9XGSIRT7BadP1gQo9gSSmpP1eR8-5jy5oi90upovxo1qkajsy9KOnBOd50uE-H0PpoXbizTfSDmppydIFJ1Yh9QN6f3GrgiNahuH9H5dQK4v8QZh8Tw2_CBl7l5Quv85yYzkhRj60JGGQAQ3xcwCj0qdN1uyQE2jefiEpgtc2SoBY6UxlkGaecK3ZsiCXseQMi2CLw6MI0BE74Xm3OULa3BNEgv1SkJPjVmhzy2317SJ-_hE6X-nObuQZupl5SMZK6xCsOCz34gKZvdJ8xZFSkjrU6FbFjU7PTd0dX3S4Ot0QL6Cekgf6KWmEQAXtNuc8jI8bW1XfQupqzhM-mo89qkAPvKbWXDpbBCG7aK_TkDs4mqRlCn1wFlFZfig9_CTrd59N4CP0uAAvtMT8ziaPLp89jkdJnFgonWmXvvUEin9El9RAL3SlGIrFi5HuV35BZPnXj8PqDTFqMaVCjRvKygsidsgMAc_CC725SpHn0R2uqd6WutppeBl9UBBdOaTaecMMHxEYynJLjiR1UQtcK6TwRVUFQzZxQdl_wd88oLUZ0Q4mqg-v1LteHPMYXacVidmh11iY_2QYXLCl5S_93461bSWttFeivc9vEBNkgz9sYcaiRB1zaUEfcVGYoG60MZiM-u7CJPZupEW03Ymc1wTJsq3NQEPc1lx--dOw7cVZG7gXiqFMr1k1K8A14x8mO0TCEKhm-L7MI1FQN4QebXWUQFtFCpUDG5TKeOUgDQOZTOxsXt3IzkY_jJbjjPA2MJzYY49dzytbG_PovNcjSheSZaSUoEtZ48rwuR324B3xTHxaXrMnhrjS6xI9QHfOTKUDiDVDUBBnoMaAn7TzD71YvbHq89EC4aPgARoLgv2bnJ0cIYvnuEEd0cRzIVqKBiRYXWQutS&cid=CAASJORoEIAcAddeJ17CZ-CT5360GJFT-uu-Fd53tF9kXxs9Nuxmkw&rfl=2%2Chttps%253A%252F%252Flb.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 02:13:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0839 41 KB
15 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:50:18 GMT

GET
DATA 200
OK truncated
/ Frame E0D8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0B4B 15 KB
16 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 496258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 08:44:49 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame A233 36 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B536 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 74523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D2E 143 B
163 B 40ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 01:50:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25F2 1 KB
749 B 43ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 74523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame 0839 54 KB
21 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 13:13:13 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E26A 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 53128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 11:50:19 GMT
expires: Tue, 04 Jul 2023 11:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame B536 35 B
462 B 135ms
42ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN97CN4E8Oi4GZPNuPrWqMs&google_cver=1&google_push=ARnp8GDF6GVdexnN3HKuuLDxJUTKcz_llJpnwksjxplgE4LJ2hawEV8dJCIDTLasqGX2SjhtrfrDBLW_fv7N3xQdTY2gi1hEVH0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B536
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEEuSScRAK6N-8sHUFEU7cos&google_cver=1&google_push=ARnp8GArE6mywvWlcPFePgqj_WmL-28rZZg0Nr3QeCSl1ZlOUVeqsQ8k9HoE-WS854ohxyB8r3Mohh4WOZP6Vj2...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bLuJkh3njowGEQvrlldB0o&tap=gAds&google_gid=CAESEEuSScRAK6N-8sHUFEU7cos&google_cver=1&google_push=ARnp8GArE6mywvWlcPFePgqj_WmL-28rZZg0...

170 B
188 B

54ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bLuJkh3njowGEQvrlldB0o&tap=gAds&google_gid=CAESEEuSScRAK6N-8sHUFEU7cos&google_cver=1&google_push=ARnp8GArE6mywvWlcPFePgqj_WmL-28rZZg0Nr3QeCSl1ZlOUVeqsQ8k9HoE-WS854ohxyB8r3Mohh4WOZP6Vj22XnKF_3IqiA

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
last-modified: Tue, 24 May 2022 19:59:41 GMT
date: Tue, 05 Jul 2022 02:35:37 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=bLuJkh3njowGEQvrlldB0o&tap=gAds&google_gid=CAESEEuSScRAK6N-8sHUFEU7cos&google_cver=1&google_push=ARnp8GArE6mywvWlcPFePgqj_WmL-28rZZg0Nr3QeCSl1ZlOUVeqsQ8k9HoE-WS854ohxyB8r3Mohh4WOZP6Vj22XnKF_3IqiA
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B536 43 B
356 B 135ms
38ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEIbGuaqZ5Fm5f31EVlh3vJo&google_cver=1&google_push=ARnp8GCoisSHMQY3yb0PLvWesrnGQhr4xbitKp-xOcnl-so9eqcjy8vhyRK90RCnrOJX7vUU_SNc2XBjzVKp3u-TBosO3MQpuuE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B536 43 B
350 B 94ms
31ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHGvPEM-DHA2T4myvtaRg_0&google_cver=1&google_push=ARnp8GB6MdXbPSsk5amgM24su-IAZfy_7Ez4RQmuJkb6ghEXmlu2cG2SxINl-zJ_wBAudOzln0hM1TP5kDS1LFinwPe3w-ledA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ctd40vi0a5rscam8a1j02bp86s08ek5k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B536
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJkXh7SGFQIwtWqOP6eWpmo&google_cver=1&google_push=ARnp8GA4663KUPCT6Xb8K7UcM0YMXgBHN2zpaRfKoYjJxN4Cyi1doaI4xtitABSlxMyyfIP_4cS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VVgtMjAtMk9YNg==&google_push=ARnp8GA4663KUPCT6Xb8K7UcM0YMXgBHN2zpaRfKoYjJxN4Cyi1doaI4xtitABSlxMyyfIP_4cS5VM7Gy9-lamQmIEo83gjc0OE

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VVgtMjAtMk9YNg==&google_push=ARnp8GA4663KUPCT6Xb8K7UcM0YMXgBHN2zpaRfKoYjJxN4Cyi1doaI4xtitABSlxMyyfIP_4cS5VM7Gy9-lamQmIEo83gjc0OE

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VVgtMjAtMk9YNg==&google_push=ARnp8GA4663KUPCT6Xb8K7UcM0YMXgBHN2zpaRfKoYjJxN4Cyi1doaI4xtitABSlxMyyfIP_4cS5VM7Gy9-lamQmIEo83gjc0OE
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B536
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GBOTDyOYKtlHW3RFtHDaXEp8HOX4YtkY...

170 B
188 B

57ms
57ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GBOTDyOYKtlHW3RFtHDaXEp8HOX4YtkYXP_-DxYVy7hNGQ0gXA3RDHw0om9q1sAFaMMe9lmmzrNgERV7MbeItkb9cEZ-Wg

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8QwXNakucVOSla6EiM9gzd6kWUOOkCivmW5iUj5C0qvT%2BNJb3lS%2FcYts%2BZNNfpiFEDuO136UjAfE%2BMSH1AipQgDj%2Bo%2BMV3NFfwTDIXDwl%2FAl0BaN0S7H1wDMSrGF3%2F6wQ6qXHrwIPsm1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO8Yl4PlbBK4AxII-dkb5mw&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GBOTDyOYKtlHW3RFtHDaXEp8HOX4YtkYXP_-DxYVy7hNGQ0gXA3RDHw0om9q1sAFaMMe9lmmzrNgERV7MbeItkb9cEZ-Wg
cache-control: no-cache
cf-ray: 725cb596694f7591-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame B536 0
44 B 808ms
272ms Image
text/plain 13.112.193.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEGajzvMifEbYCSwa8To9pcY&google_cver=1&google_push=ARnp8GD7ZKTMy9PPNiaiBIwfvM8ZoL0Fl3nr3zlDl9q_12TIThUKWnAjxYcpyf417khdBHcMNVYuq-PfS2BWwI1qPAEN7FwD3SM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=656391282&pi=t.aa~a.4141678559~rp.2&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=2&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600&nras=2&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1427&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=57agLBIS8Z&p=https%3A//lb.ua&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.193.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-193-52.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
server: awselb/2.0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B536 0
12 B 124ms
46ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lo8QQqv8eCU6kv74HFtnsgWix0btY7xDj6nOhSUjKMocIVShHpephSLl76873-Tv28bFDZ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 B27734930.335326645;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=521587876;ord=zo6w8f;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZZKxgqPDYraELO2qx_AP7bSx... Show response
ad.doubleclick.net/ddm/adj/N1788973.2334908DIGITALVENTURES/ Frame 0839 64 KB
28 KB 183ms
80ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1788973.2334908DIGITALVENTURES/B27734930.335326645;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=521587876;ord=zo6w8f;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZZKxgqPDYraELO2qx_AP7bSx2AH4ntv5aob06dPXD_AuEAEglfySJWCRBqABltDt6wLIAQmoAwGqBIICT9BRaeWEOatyNlb8pMzedGMIMyFiNRm9rf6guyh5rtSJGJ75f_OsBQfnoUlUe3-lECkVYcxmP4l7odWfYBddSt6BhSP8QMIInDyCqRQWNTFHOJ8zuAEAtaqV0szllH7wGqRx0ek858oE-WonemM6WGlsmltgIAESBLp0AvX-QM6ByLTOJAJAw2He3x6YfH7DSUpUmTLbAMX51yBK1T4T4jRNo5f-CuSxvcdifVjfWgRKEe71mre2rCIW2345oRDev5Z99Zfs7rcvlymvpln45PBSKb_bl_iKvrRpKSPTq41uKsWYaMZHoNk33a088ao1p9SQ5ua5xxnESYk3lo2rIvCfwASK6oCs_wPgBAOQBgGgBk2AB9KvkpQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB8yAooCOgKAQIAKAZgLAcgLAYAMAbATx-_gD9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORoEIAcAddeJ17CZ-CT5360GJFT-uu-Fd53tF9kXxs9Nuxmkw%26sig%3DAOD64_0DOZKkNQ2OVjjWsE1RVASjtdAn7Q%26client%3Dca-pub-6096932064585080%26dbm_c%3DAKAmf-BDHbBi5L7OsCVA64Vgx_AgFuscKBWDByemrmwj37hWJQHCYWFj-cyXwtuM6g5CzhF7A4yD64gNHZcEMppAqEO7O0UHcJBtQ86S-Tht4U8d27VUc6DQtFNXGCryKbWNZUCRXKTxLVC7tLc7RXk0hBrm5bHQ5Q%26cry%3D1%26dbm_d%3DAKAmf-Aw1FYugyrjqw6Wt1MTwK_xiL-_ARolxqm2_Tw6PVfIaiMsXAGbA8e7YBaNmasiMSzUUbDgK8A4lJT_YRMkWWlrHAJ4AUaDfYG0pze5fOj4IYT8d_PAR-GjqxT4GF-rSrmDk4ccI6tUZcAu7YQceLx4QKNmqFwl7QuKJRfdFbBVEEXl9uwYNp1RUa0ojiK8pmcuqB8MRHTJMY9QIMPN9Brflja1VRhetYqfY1rT_nRoCyrP3LZS8j5BwV7YJ0v2SOSJMLuAEhFxv8jgTVv5DMcFs8b5bfDvAjj9qacB1UAMSeG7zauElilyYLiuZspAtQaIRrhBREEvNQgx5agvHY8NlnS40RlPBZUqx9QeMiFvDwoCLZHH2U3wRFXl5nOXl63QCcg3pX2_wF6UuXyi_eUkqSpAHQVg6Bf1kCdd2coRaRW-lDrHWwKg7xSVKt7UFoVb2Y5u%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Flb.ua%2F$0;xdt=1;crlt=8qVrRxHl0A;stc=1;chaa=1;sttr=146;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

d612a62be02fbe05b5482648fa02ffafdbbe04018d4eeb68092a5687e25c3ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DAAE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30f1b10e7cdb74be8622b8039033af917d4a198cab252ebcacb44cca03531b9b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E0D8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b04c3ae5a5e72c11319e77861a9572cd217b1e616ac39048fab4ffb3905e296

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 25F2 35 B
464 B 96ms
42ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJyfU8Y8M795k-SG2AOpSBo&google_cver=1&google_push=ARnp8GDK3SFO77jRCeZPs5mUKkVT5CPBzjuTXI0JiBSuAYAWqyQyGd2jpA9oqdXgrkEPVA5325zCMA4sNAgIB1jBSjbn4zieWv8N

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 25F2 43 B
135 B 57ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE5ALnBeT82ZD0AmeRe2MeM&google_cver=1&google_push=ARnp8GAqZQA3n7s0KY8Jz8BlskmBTseopEO8olEJv1JGuA-qfW4S3mcnRDRxUzyAvtPMW6ABLtgYKmFrNPYtD6uC1kHXeVSBigs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sd832ricj9f0qirq91lkv6msvg8qrtlb

GET
H2

200

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 25F2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
41 B

159ms
159ms

Image
text/html

104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJopyrrkYGUyywV_MM9KMC8&google_cver=1&google_push=ARnp8GAjh220ssRU3xicl2u043JYmki3vr7AhvolRyfYH8OUqLFoSU-n7p52redD6fPfDBBe9FVhJvAuuKzbW6WnYufXC3TnMCI-&rdf=1
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

Redirect headers

location: /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJopyrrkYGUyywV_MM9KMC8&google_cver=1&google_push=ARnp8GAjh220ssRU3xicl2u043JYmki3vr7AhvolRyfYH8OUqLFoSU-n7p52redD6fPfDBBe9FVhJvAuuKzbW6WnYufXC3TnMCI-&rdf=1
date: Tue, 05 Jul 2022 02:35:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25F2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELdqtNDeelcz9ZSlf9LfIts&google_cver=1&google_push=ARnp8GBBsA4hRHpqnMxi3-cI7yGObuSe5kwtp64zm9DxySga17f-xeAhnNTM8AfIFqfjMfcDRfQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VkYtMUgtQ0gwOQ==&google_push=ARnp8GBBsA4hRHpqnMxi3-cI7yGObuSe5kwtp64zm9DxySga17f-xeAhnNTM8AfIFqfjMfcDRfQGLSIfCDyZBBNNwIjqiXosXBbH

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VkYtMUgtQ0gwOQ==&google_push=ARnp8GBBsA4hRHpqnMxi3-cI7yGObuSe5kwtp64zm9DxySga17f-xeAhnNTM8AfIFqfjMfcDRfQGLSIfCDyZBBNNwIjqiXosXBbH

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc1VkYtMUgtQ0gwOQ==&google_push=ARnp8GBBsA4hRHpqnMxi3-cI7yGObuSe5kwtp64zm9DxySga17f-xeAhnNTM8AfIFqfjMfcDRfQGLSIfCDyZBBNNwIjqiXosXBbH
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25F2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GAq4i0PaWaIg7HfShGDNWbIh2O9qv_Bb...

170 B
188 B

58ms
57ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GAq4i0PaWaIg7HfShGDNWbIh2O9qv_Bb0b-mqVK_zVlAIuaTy4v8DCC_3qdwuf9COmW-49ZJ6LrCIuQVOuOg-SjoXdt4xQ

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4itMWyHeJgoDx%2BeaUtoARpVNBBW1EUnKfaNW%2FOboVEpakB07ZlMXNAD4yGSjfrXmC1ndK%2Bs0Jiozg3nyhgy%2BdvE8RBtL3zmwmXMz5LlrGoMQZWkUrqPPAw3QvqaU3KYJ62lZHx24ydYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0iqCsmLDZryfmoj_fUm40&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GAq4i0PaWaIg7HfShGDNWbIh2O9qv_Bb0b-mqVK_zVlAIuaTy4v8DCC_3qdwuf9COmW-49ZJ6LrCIuQVOuOg-SjoXdt4xQ
cache-control: no-cache
cf-ray: 725cb596694e7591-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 25F2 0
43 B 771ms
273ms Image
text/plain 13.112.193.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEFRovYvfY0I4s-5fI9VZhK0&google_cver=1&google_push=ARnp8GD3CRX4O5YjkPUH6oCcrxydIoXjNPT1SN2jTCqqv_bE4Ki5nq8YHnefO-EbIikt0sgHrp29sjTGDnQCkvTiQG4LPcyAxcR_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.193.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-193-52.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
server: awselb/2.0

GET googleredir
googlecm.hit.gemius.pl/ Frame 25F2 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 25F2 0
12 B 87ms
47ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7k4w3dmgjBmIES8yrEkbj5FWfyuuoYrcrstXIfrIU01y_kJGR_IxTZEoGONErDFBy16Hgfg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E0D8 28 KB
28 KB 117ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 496263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 08:44:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DAAE 15 KB
16 KB 129ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 496258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 08:44:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DAAE 15 KB
15 KB 117ms
43ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 53310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:47:17 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9EB7 0
18 B 81ms
39ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://lb.ua
Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://lb.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:47 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D2E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

60ms
60ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=2770645287&pi=t.aa~a.4141517004~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=678&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280&nras=3&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=2413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=sckZKpmHPu&p=https%3A//lb.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 02:35:47 GMT
expires: Tue, 05 Jul 2022 02:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 02:35:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8718 36 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame E26A 36 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame CBD1 36 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0839 170 KB
59 KB 145ms
38ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 19:43:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 0839 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1788973.2334908DIGITALVENTURES/B27734930.335326645;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=521587876;ord=zo6w8f;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZZKxgqPDYraELO2qx_AP7bSx2AH4ntv5aob06dPXD_AuEAEglfySJWCRBqABltDt6wLIAQmoAwGqBIICT9BRaeWEOatyNlb8pMzedGMIMyFiNRm9rf6guyh5rtSJGJ75f_OsBQfnoUlUe3-lECkVYcxmP4l7odWfYBddSt6BhSP8QMIInDyCqRQWNTFHOJ8zuAEAtaqV0szllH7wGqRx0ek858oE-WonemM6WGlsmltgIAESBLp0AvX-QM6ByLTOJAJAw2He3x6YfH7DSUpUmTLbAMX51yBK1T4T4jRNo5f-CuSxvcdifVjfWgRKEe71mre2rCIW2345oRDev5Z99Zfs7rcvlymvpln45PBSKb_bl_iKvrRpKSPTq41uKsWYaMZHoNk33a088ao1p9SQ5ua5xxnESYk3lo2rIvCfwASK6oCs_wPgBAOQBgGgBk2AB9KvkpQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB8yAooCOgKAQIAKAZgLAcgLAYAMAbATx-_gD9ATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORoEIAcAddeJ17CZ-CT5360GJFT-uu-Fd53tF9kXxs9Nuxmkw%26sig%3DAOD64_0DOZKkNQ2OVjjWsE1RVASjtdAn7Q%26client%3Dca-pub-6096932064585080%26dbm_c%3DAKAmf-BDHbBi5L7OsCVA64Vgx_AgFuscKBWDByemrmwj37hWJQHCYWFj-cyXwtuM6g5CzhF7A4yD64gNHZcEMppAqEO7O0UHcJBtQ86S-Tht4U8d27VUc6DQtFNXGCryKbWNZUCRXKTxLVC7tLc7RXk0hBrm5bHQ5Q%26cry%3D1%26dbm_d%3DAKAmf-Aw1FYugyrjqw6Wt1MTwK_xiL-_ARolxqm2_Tw6PVfIaiMsXAGbA8e7YBaNmasiMSzUUbDgK8A4lJT_YRMkWWlrHAJ4AUaDfYG0pze5fOj4IYT8d_PAR-GjqxT4GF-rSrmDk4ccI6tUZcAu7YQceLx4QKNmqFwl7QuKJRfdFbBVEEXl9uwYNp1RUa0ojiK8pmcuqB8MRHTJMY9QIMPN9Brflja1VRhetYqfY1rT_nRoCyrP3LZS8j5BwV7YJ0v2SOSJMLuAEhFxv8jgTVv5DMcFs8b5bfDvAjj9qacB1UAMSeG7zauElilyYLiuZspAtQaIRrhBREEvNQgx5agvHY8NlnS40RlPBZUqx9QeMiFvDwoCLZHH2U3wRFXl5nOXl63QCcg3pX2_wF6UuXyi_eUkqSpAHQVg6Bf1kCdd2coRaRW-lDrHWwKg7xSVKt7UFoVb2Y5u%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Flb.ua%2F$0;xdt=1;crlt=8qVrRxHl0A;stc=1;chaa=1;sttr=146;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 01:56:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F70 1 KB
749 B 38ms
37ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 74523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0839 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47741452ef60c9f5b5fda57df152e803eb6af58df4ded1e7e954c39c6638c0fa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E388 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 53128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 11:50:19 GMT
expires: Tue, 04 Jul 2023 11:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F70
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEImDG7TeOTgzx89LFwnkvCg&google_cver=1&google_push=ARnp8GChwMDn9w3-oG1v4OwTUXh7xuHzvaJ7SJoeUFHLP44ZpKqzmSthDJ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GChwMDn9w3-oG1v4OwTUXh7xuHzvaJ7SJoeUFHLP44ZpKqzmSthDJuDMzueB6xJth-X9qzQdFa4CU0sNX7kba3XrzSGBNM9&google_hm=lc4R1-Y64I56...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GChwMDn9w3-oG1v4OwTUXh7xuHzvaJ7SJoeUFHLP44ZpKqzmSthDJuDMzueB6xJth-X9qzQdFa4CU0sNX7kba3XrzSGBNM9&google_hm=lc4R1-Y64I56OS7Jd46AWA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GChwMDn9w3-oG1v4OwTUXh7xuHzvaJ7SJoeUFHLP44ZpKqzmSthDJuDMzueB6xJth-X9qzQdFa4CU0sNX7kba3XrzSGBNM9&google_hm=lc4R1-Y64I56OS7Jd46AWA
pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F70
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GADPSAkEA6i38JgsVj2__TAqdmwzAT9niiy-rY...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNPamd3QUFBSEpjb1NZRw&google_push=ARnp8GADPSAkEA6i38JgsVj2__TAqdmwzAT9niiy-rYw782cVePJYLYiWLz3O_yZKenLnlsLS3yH4-PlJ46awxkT9jIcwfAiIm7u

170 B
188 B

57ms
57ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNPamd3QUFBSEpjb1NZRw&google_push=ARnp8GADPSAkEA6i38JgsVj2__TAqdmwzAT9niiy-rYw782cVePJYLYiWLz3O_yZKenLnlsLS3yH4-PlJ46awxkT9jIcwfAiIm7u

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNPamd3QUFBSEpjb1NZRw&google_push=ARnp8GADPSAkEA6i38JgsVj2__TAqdmwzAT9niiy-rYw782cVePJYLYiWLz3O_yZKenLnlsLS3yH4-PlJ46awxkT9jIcwfAiIm7u
Date: Tue, 05 Jul 2022 02:35:47 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 8F70 43 B
64 B 59ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECGLIz2xPFFrvObkymkXFnI&google_cver=1&google_push=ARnp8GBGAtE8r1CBWdtjHf9r0HTmK3yTktzHpdkCdMcahZMyD6diVjCLau0kWiW2bVCDq1KR6BmjapiTGgknxNKdraLXBqor_kd7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=2152886645&adf=1462770618&pi=t.aa~a.1675703515~rp.3&w=429&fwrn=4&fwrnh=100&lmt=1656988007&rafmt=1&to=qs&pwprc=1459918002&psa=0&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988546658&bpp=1&bdt=677&idt=0&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D561a358affcc2112-22ec54efc5cd00a0%3AT%3D1656988546%3ART%3D1656988546%3AS%3DALNI_MZrnJnoCLAiyt2sU7zXQNB8o3_A_w&prev_fmts=0x0%2C320x150%2C300x600%2C429x280%2C429x280&nras=4&correlator=1518414470042&frm=20&pv=1&ga_vid=1359141589.1656988546&ga_sid=1656988546&ga_hid=860749049&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068308%2C42531605%2C42531607&oid=2&pvsid=926829183162149&tmod=1874661152&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=8MUTT44eJI&p=https%3A//lb.ua&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lolqocvgvbrosgj7rtu68t5jv4d4hjp9

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F70
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l6Udwr6eRpCNFd1s8QhVFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l6Udwr6eRpCNFd1s8QhVFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCv75ZRqRysFz9bmbEUQhAtM70-dlC9972jhmokWRRgeam2ibD07Cy8YwQLy4Vbh9FHxVypxtCI6b5XtL30ZVsjwM4IpvGL

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l6Udwr6eRpCNFd1s8QhVFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCv75ZRqRysFz9bmbEUQhAtM70-dlC9972jhmokWRRgeam2ibD07Cy8YwQLy4Vbh9FHxVypxtCI6b5XtL30ZVsjwM4IpvGL
date: Tue, 05 Jul 2022 02:35:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F70
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENZ55bKVVoFbQmTEYLBHwqs&google_cver=1&google_push=ARnp8GBsk9d5LRWihBFRSUPIIlpx9iS9WbKDmw2gG9JI6aAvQLvha1TWT9vaRA5dEZy-9g_04Wv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc2MEYtMjUtRE05QQ==&google_push=ARnp8GBsk9d5LRWihBFRSUPIIlpx9iS9WbKDmw2gG9JI6aAvQLvha1TWT9vaRA5dEZy-9g_04WvSjEYmZvbDfYvjfn4SjyJpRxwd

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc2MEYtMjUtRE05QQ==&google_push=ARnp8GBsk9d5LRWihBFRSUPIIlpx9iS9WbKDmw2gG9JI6aAvQLvha1TWT9vaRA5dEZy-9g_04WvSjEYmZvbDfYvjfn4SjyJpRxwd

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU3Szc2MEYtMjUtRE05QQ==&google_push=ARnp8GBsk9d5LRWihBFRSUPIIlpx9iS9WbKDmw2gG9JI6aAvQLvha1TWT9vaRA5dEZy-9g_04WvSjEYmZvbDfYvjfn4SjyJpRxwd
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F70
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGoQ2YI1CQe4XrI_3JfZCv4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGoQ2YI1CQe4XrI_3JfZCv4&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GCeS1lrkjvq4i0Ll5IKXAv7YezY2zHLd...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGoQ2YI1CQe4XrI_3JfZCv4&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GCeS1lrkjvq4i0Ll5IKXAv7YezY2zHLdTcoevGRx4ZPqilysrKkhO7xTDxv2weJjl3FyLcqRnAus0Gztk30ScSRLHuh8z0

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1uG1AS3oQVevWoTpr%2FkB9sBBuYBE8Rku1wlDGmjQFWIyR9O3tTfMMJ4uPwkOv3yp%2FTM7%2Bnliv5kN4MIv9ZlqYQGTW1amvXfF6JVZlgI15LZn7M%2BKebnEYlr6VkkSto5m7%2FSsC4iehxVYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGoQ2YI1CQe4XrI_3JfZCv4&google_hm=YsOjg2dHrTKwWgeP0zBueQAACNMAAAAB&google_nid=index&google_push=ARnp8GCeS1lrkjvq4i0Ll5IKXAv7YezY2zHLdTcoevGRx4ZPqilysrKkhO7xTDxv2weJjl3FyLcqRnAus0Gztk30ScSRLHuh8z0
cache-control: no-cache
cf-ray: 725cb596a9b97591-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 8F70 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F70 0
12 B 47ms
45ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-OrYrCPeIt9LkuOjbl6ZOFYPhLO12bUgOFva-iEAmuyyJGZ1_Pu-6aAK4s3Ol3WAk4_8TCg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E388 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 23:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:50:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E26A 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYZgig6PDYs9Llorv9Q_7opjQDQAAAAA4AeAEAg&bg=!s7ClsPTNAAaLlKKnq5Q7ACkAdvg8WvNlSc7LgPqT_e90GxpVgyz8WIuVBc904HUcjO4I994tWZKIyQIAAAC7UgAAAANoAQeZAtWsSvEfWV5S1Z-vpZjtyeSf1cAyFi9tgK-Xu1cpBOH7r6swQcrnr9F8qRZtFmHJ2gvm-g7NH-TVt2Nb8rqhJJ0g4RLIkP4eyRUtvBVrF4FlG6CLB9KGNRtUVoP09GDrbezXktEmzVxFiX92TDNRDfymfQZuL1lg3fcr3R_LZl6QOcs_J4mjJcrIePLWZ4h_A7p1X84Hw7GoPL4l1E-s6gvjDbg1wlCzb4VJCpfTvlNua8LWQV17Z4F83vxgskbwBn4SV4YUxOWzDHatVj6PFq19Dgy0w88Gn1DBKzxON-aDwIg-78ZNU9L6YZYoru2pw8SSMRV3RUrvJhKMrZYMaxE_Pwaoc71n-I_8KGxtk4Mt2Uwyw_Pvenk87KaNVDZM958GQmkrHWE9qwHK0B5r5L-f9zxYA6CcFjhd17_zoYxNJbBlZUUkLcQA9w84UoAUzvrPimXfbvla5T-njzZusCkR35nI2lLkSFzYQQFHAp5OakXaDSHcfhUkmz4RlDbqDF0JQmgS5up19psxw8Vmj-sNefSo-TVFD3dY519jbN1GDvy2FSuKJZkCmLvw7GFa_wa3MsUSpG1TVQ4bmL6c59l9edaGKZiXPLfp-cbcwrLjiwr1qSYR9Uw9Xl4EfT3YQQQpT3J8C2Rq3tYwadgPkaN7Gi99fbfbnkEzJnRLyBQNNpdyMgVw5iDYWEhtB-4lehyGvqDxSUMv_t5pPbwcKe6r5fTyGguh0q0hj-balaf66XZIAUkYInibi9BvDXsOAV1lPprdAbXwp10CU_IJ7R4OVu5gL9YKfoQiGDcBXHGLBARv5FduEPfbbZDdJJR_dge_JgYHIA4n-BbNYa0beYlmFSmC1cUUmm0hDZ5q6vuBZmR_qJ5zz9laarOjZOVQczJu1eeU2J3FGES6DZbRhMUpnqFhdaGPe5S-NUFoeeHfK5EkebM5CNYv0SWw4F-JnWnLjsEMaw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9173979009061486592/ Frame A743 2 KB
685 B 133ms
50ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2223fddc9fd9fcb226b4fee328824096f8f0947488942d4835eff684f6f20929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 657
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:47 GMT
expires: Wed, 05 Jul 2023 02:35:47 GMT
last-modified: Mon, 23 May 2022 14:40:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0839 0
575 B 207ms
85ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviHWmBOtlgjOb8v-DSUYBZ5nPL4yEfAdaozEj8WODhNnlcdblhRHRNx1iwU-KeGJRzUi08ftot1uyjX9oS8Nhqy8qe8mKLSRLWnWAlwSxvduy6bl4i5bJkweYpMF-fYFx6poevXY0vhyrDY9Oc4g&sig=Cg0ArKJSzCwduTi9zDs5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=215&cisv=r20220629.75467&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E388 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6gL8g6PDYp_3GIjJ7_UPmqGU-AoAAAAAOAHgBAI&bg=!l5SllNDNAAaLlKKnq5Q7ACkAdvg8Wn89-TGXhYtWMT9EXS7HAkF4lihzGjJAdYOMchpt6B2XrmHzngIAAABtUgAAAAFoAQeZAt68fW4mrI_m_1qA2tFGKw_cNKiX6F-zCI7x9U26-AhsHtiLZHF5t9kOugW4_0bxnCVdNtCJkTrZBiI7hgzLm-PMk7GFySVkkZff_vD9Me7fGGXa6gbOBhTD8QCuIa2JVvvwQrAXXQhfQ6ny5iJN5TTwey2gBKS4HiuUdSFPrk17R82Jfu6rzeHqd3QfYjtmMwjiSAviF_Y10J-jYFdsZ8t1uuQ3cVheucW0C_GFCv6k_orsUN6wI9Z4TORIkvAwPk7teMSrMsxnNrf9e5iz-bF9PmAJpqu1UlfSIeL38N3GSn7VjvE4BkEd_6nqTKQjyqJXyIz9fbAhehKXR8ye2PlFT6bxv_L4UwPG2ZnOBfrst9oNc275n1fXjEtcbFRynz57WoySOxju85u-q4izqUTtOMSa2vCXBqcf-SwYf5tpLNoArmGU500q5yNiJ3mW3I4kqnrOlYiuXodA9pQWf6vpBkdlDaRRD0L5PlPzrldPvQCeotvA6lHx1UeXkyvPzGJTuuvDsNybohyfvieR8zEVqaNEER-e-zy7qHWKfeU3fCIShpz7zOPSDXovBDY68a8gimZPgqiJ3P_C_Dxp96NFtcZAi4aldZz0RqcCep8_uUyHUq6VSIBQBf0WuGH4TljK0Z0w1_0z7lu6iwcYlGDHFracwqZi760ckL8T6R5ZG0sFduaKr-kLet1ihLXUqlirB_5UxSyhNbvo75L3dfGRpgjW2EKEvh7ci1RzlbSRnFol2sQTT54nhJ6su8XaD343V_0uLfYvb7Qop2Lg7WoG4OWHxfPe8hDgJuJQsYCgb6en8Vzs_1Ly5EZqWY4xT3hs10S76PltSa1hSJIVUuQT9IqLoLAgnHTEhnRRoKxWGXDifvdUfv0P-MVKdIJ0OL7q0cwaEMXvy0N8V8Zx0RR2v2SUgGHF68MStuQjaGFooVjFYirJ9j-wlcRnaIDbtYqlJJagYiyaha01_zsdlQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 02:35:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/9173979009061486592/ Frame A743 9 KB
2 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9173979009061486592/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75891d9336044bdd8e533fb2af9ee983472ca5988906627e07a0b93d5a0de0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2398
x-xss-protection: 0
last-modified: Mon, 23 May 2022 14:40:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 14:30:21 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A743 118 KB
40 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 07:46:07 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/9173979009061486592/ Frame A743 3 KB
1 KB 58ms
58ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9173979009061486592/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd251ffdcf6c638783f4296bf2f9f99cfe8dd9c00c423af840da550e7029266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
last-modified: Mon, 23 May 2022 14:40:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Jun 2023 14:30:22 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0839 0
26 B 163ms
75ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviHWmBOtlgjOb8v-DSUYBZ5nPL4yEfAdaozEj8WODhNnlcdblhRHRNx1iwU-KeGJRzUi08ftot1uyjX9oS8Nhqy8qe8mKLSRLWnWAlwSxvduy6bl4i5bJkweYpMF-fYFx6poevXY0vhyrDY9Oc4g&sig=Cg0ArKJSzCwduTi9zDs5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=450&vt=11&dtpt=231&dett=3&cstd=215&cisv=r20220629.75467&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A743 7 KB
6 KB 144ms
52ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b38feac432ed16b89b9ba5cc85096ae6fdf9109a1375edf186d641ac2e3566eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A743 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:48 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 039C 36 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 51ms
51ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a191a2e50da2b6a5bd311201def5dcdbdaeca9b1e9f934d16a6f8a6d432924f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 02:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10426
x-xss-protection: 0

GET
H3 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame A743 9 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:49:36 GMT

GET
H3 200 172046799615870953.json Show response
s0.2mdn.net/creatives/assets/4523083/ Frame A743 22 KB
5 KB 38ms
38ms XHR
application/json 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4523083/172046799615870953.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9173979009061486592/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14b4ec997f3e51979a845fa634ec0e6be9f1002b6b0c51e436911532dd8ec62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4911
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:03:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 02:35:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F496 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 8363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 00:16:25 GMT
expires: Wed, 05 Jul 2023 00:16:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 157E 783 B
534 B 49ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7369c48ddb11cb1bdd1247b302f666e4444bfffc1232d468139624f0cdcf7423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V73AJgTjJIqf8sodao2rzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-V73AJgTjJIqf8sodao2rzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 02:35:48 GMT
expires: Tue, 05 Jul 2022 02:35:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame F496 36 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 05:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 05:25:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 157E 0
0 87ms
86ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=926829183162149&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F496 0
9 B 37ms
36ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ENx9gw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=926829183162149&bg=!e3ileDzNAAaLlKKnq5Q7ACkAdvg8WkI2veqxhBAaJ738g-rzyrhTKfmTXDdPjqTkiee5xOHskE0x6gIAAAA-UgAAAAJoAQeZApaZwvlMf6V40TCoJzvq0eOHMMP19vDX0-XLFTcx3IHevAtqNwMgyeJmNqz02P3XmojNEMY2iGqNdxtZcLh0wPgtmWyotXBBn01ppi4a5qnlXcLFw8EKRsG4PAzMAUMP4goQHFoXOUjxmhNIsqlS8IA0LJ_C2jFIqSC-AZCNM34crqq1Qd1nYfuRxQJjOLTIZRqOWAp2PWAJuK6MD1JHOWJiSQ6H92pfoZezTjexBg7qgY9aR8p4XMES6lfiEmwl4aCwn86HlmvfWA5Fez5NH3YWpRea-r8earqFOyaJvNJBgQBrDqR3AFmQLBmnppwtePEJk5ySsHNf45d0hQz4SHiZAbe-YFPcWaCKin7z8L5WhijlGiwOy1LdfYvMlmWOgSJH8W82289zaDHm9E-dOGTUsBwMUJPfjbdb49xelyjpnuKlBRBoiWFwOKIOr_r4PLPmxmZyfN21GBAUONcKtaGApnkiCuWHLa7w5LBJNY2PVw-wA6dNFU4pgkQXFclHtlNjOMVCbZp6fqbsifL93ec3aVLnPUoWEXT4YVvHZ5YKPXgqXcVmVPsZioTKh77z3ThaQboniocKvI7zgTWTtTv_oQr_pQW1d4lJcJqrxyG8r9nBPAE2AKAR2qNVvXjsYii5ScvSm1NNZER55KhqpLDjfOj5RMdK7e3jR0J5yzozAnt03FPysc0uonnec4WKW6WW1A-btSXvE_gGfH_BOHfSqfi47PJj9kI9B7wAKKEUxp2gbTEPKhZh3NlFAzw5qvKGx-77Lm0HHFReL80KSCbXd9dJYfHxxB4THm_oesiv24tI2mbFuYsXFxSAfp0x33G-hUaYxJTPFPJk_hmth2Mzlvx6PsP7ArtB5S9-Hylyz1WR0X_ILA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 bg-pizza-slices-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 32 KB
32 KB 39ms
38ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/bg-pizza-slices-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62698ce5007767f41a4ee4b877e888901bba6bd516632b8086b7aae7d0393c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:22:01 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32467
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:37:01 GMT

GET
H3 200 cardboard-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 11 KB
11 KB 80ms
76ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/cardboard-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6b3e7b28a9a42e63ba844037b99fe93ee58c11418530d743059002d7ec88e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:22:01 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11139
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:37:01 GMT

GET
H3 200 red-hat-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 542 B
568 B 94ms
90ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/red-hat-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f120a46101438d95839a675940169a6bab34299f5c03d359725e5adc6f9b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 black-super-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 2 KB
2 KB 94ms
91ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/black-super-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b58f2b63c3bb74f4222e90697fda3170e138782cfc06cb1f200100407cde71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1642
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 bg-sides-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 28 KB
28 KB 83ms
80ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/bg-sides-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5402af5e4ef43161b4817eb979abfa34e569c6f16c140e64a3622e3663cb105a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:22:03 GMT
x-content-type-options: nosniff
age: 826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29027
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:37:03 GMT

GET
H3 200 BlackLimo-spritesheet-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 34 KB
35 KB 94ms
91ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/BlackLimo-spritesheet-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c1a247658f47523a7e9a5a8667550ee81fd930cf054ae8709985525cf1c8568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35297
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 AED-99-spritesheet-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 33 KB
33 KB 117ms
114ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/AED-99-spritesheet-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86eb97e4af426d5ffab6a6ae32b6d0b0e681badc02d1fc7f4363c86f6834028e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:22 GMT
x-content-type-options: nosniff
age: 687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34217
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:22 GMT

GET
H3 200 new-copy-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 267 B
298 B 123ms
120ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/new-copy-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fc46b3ef45ba8d3f3ac32bd32bdd02a7ca030170e5c3bb193a753fca69e9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 oreo-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 2 KB
2 KB 123ms
121ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/oreo-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1637ae76b929180a7a8c6e3c77dea665ed08c57d7f40c50cb4f711831e231932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2313
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 cookies-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 468 B
498 B 122ms
119ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/cookies-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

883fd82db2cf77c95a40d5d13470a5a106053b081b4f80f1418fb79e5fa86f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 468
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 bg-pizza-meal-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 48 KB
48 KB 102ms
100ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/bg-pizza-meal-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4845cb2c91e9c8e207c9f6124f2f2b2751003f4fbce3836d0f1804f69ced89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:22 GMT
x-content-type-options: nosniff
age: 687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48721
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:22 GMT

GET
H3 200 white-hat-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 355 B
384 B 120ms
118ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/white-hat-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8718c6ce66ff884806c26a63f3e0cd1c94f6aa6558042de85ade0689fae2e83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 white-super-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 787 B
816 B 120ms
117ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/white-super-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e31ad003da107c8c5179c7f943fa93db2c3f26891deadf7fbb15e771ef23d058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 787
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 now-thats-more-logo-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 7 KB
7 KB 99ms
97ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/now-thats-more-logo-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05f14c7c620b5543e8f7b92d951a808ea223ee3beee703f3b106d26a82f8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6909
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 WhiteLimo-spritesheet-300x250.png
s0.2mdn.net/creatives/assets/4523083/ Frame A743 16 KB
16 KB 107ms
105ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4523083/WhiteLimo-spritesheet-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63201fdf258f6e06768b6bf832ef1d4e45f42238cfa6ee6cacd9f9024eee098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:24:21 GMT
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16850
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:39:21 GMT

GET
H3 200 SharpSansDisplayNo1-Extrabold.woff2
s0.2mdn.net/creatives/assets/4523083/ Frame A743 54 KB
54 KB 44ms
42ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4523083/SharpSansDisplayNo1-Extrabold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3054eb4133c0a06117e413fe3685ab6f4fc2545f86fe79ff8ef8c5324e2603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9173979009061486592/index.html?e=69&leftOffset=0&topOffset=0&c=QKxBLZoLSw&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:29:45 GMT
x-content-type-options: nosniff
age: 364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54800
x-xss-protection: 0
last-modified: Wed, 25 May 2022 13:54:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Jul 2022 02:44:45 GMT

GET
H2 200 62a9f391c0335.jpeg
i.lb.ua/059/13/ 24 KB
24 KB 51ms
51ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/059/13/62a9f391c0335.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 44201be094193ad3035ab8a6daba4f2fe336125f4b68538b5e87085ef8115e19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:50 GMT
last-modified: Wed, 15 Jun 2022 14:58:26 GMT
server: Microsoft-IIS/10.0
etag: "ddea9f5dc880d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 24391

GET
H2 200 62b07d977bf18_200_130.jpeg
i.lb.ua/111/37/ 6 KB
6 KB 56ms
55ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/111/37/62b07d977bf18_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e4f368288e50905f2363eca102edf2cb51a734e0e2d1d97a71107ec852d1132a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:50 GMT
last-modified: Mon, 20 Jun 2022 14:00:55 GMT
server: Microsoft-IIS/10.0
etag: "a904f29ae84d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6168

GET
H2 200 62b9ee3b2e9c3.jpeg
i.lb.ua/027/18/ 14 KB
14 KB 52ms
52ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/027/18/62b9ee3b2e9c3.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: eefa6d73ff4d76dd69f36414edb3e4b48ea8a5ba3df748f99b17494079537b85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:51 GMT
last-modified: Mon, 27 Jun 2022 17:51:55 GMT
server: Microsoft-IIS/10.0
etag: "ce35f974e8ad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 14729

GET
H2 200 62c1f3c07e917_200_130.jpeg
i.lb.ua/075/17/ 7 KB
7 KB 49ms
49ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/075/17/62c1f3c07e917_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 5039e864dff75fe216398c279352b9a47a2d8faa6b5fa9c7e64d628cb3278d2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 02:35:51 GMT
last-modified: Sun, 03 Jul 2022 19:53:37 GMT
server: Microsoft-IIS/10.0
etag: "f58ba995168fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6898

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIClvgCiEXdYt0CiWyy6v1U&google_cver=1&google_push=ARnp8GDqAp23ZB3BPEsuxX2vGAP920l1BWQLXjKI1KSBBdGGETQC7kg7oZw_g_N_gZvE5jrZHHRGr8NIJFByaC82W8cBMFV_A9gVSA

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJpJUspvj7_4jKTFff6Iv9E&google_cver=1&google_push=ARnp8GA7yJm_1paqADUcFXOvPB0wIqYeBORabKylkRZNDrlGnyEAoF7lzv4pNGZVxnexYDMliZvnZxh3pIj1Kw3-xhqwou2Rfvq2-g

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lb.ua/	1969-12-31 23:59:59	Name: __utmc Value: 5405166
.lb.ua/	1970-01-20 08:39:16	Name: __utmz Value: 5405166.1656988547.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.lb.ua/	1970-01-20 04:16:29	Name: __utmt Value: 1
.lb.ua/	1970-01-20 21:47:40	Name: __utma Value: 5405166.1359141589.1656988546.1656988546.1656988546.1
.lb.ua/	1970-01-20 04:16:30	Name: __utmb Value: 5405166.1.10.1656988547
.lb.ua/	1970-01-20 06:26:04	Name: _fbp Value: fb.1.1656988546715.376393062
.lb.ua/	1970-01-20 13:38:04	Name: __gads Value: ID=561a358affcc2112:T=1656988546:S=ALNI_MaoFTPmlva58eoQW5j1BI-BkrL__Q
.doubleclick.net/	1970-01-20 21:47:40	Name: IDE Value: AHWqTUm_pgD8RJ2JSN_XAOYVqXULc2cTnfOk48QDkRhUZebsD-Qld9bp2CBhykyY_s8
.adnxs.com/	1970-01-20 06:26:04	Name: uuid2 Value: 6862563598770572224
.doubleclick.net/	1970-01-20 04:16:32	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 06:26:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb^5l8cq!1yIE`fS1ueD1W-044)d+]UfWqGZ8HX>(nPVzwq-)heLHExV#F.SKQOHb8+N9RFMZ9T5_m!ww_h)nAw5
.quantserve.com/	1970-01-20 06:26:04	Name: d Value: EHsBCQHFJoEA
.quantserve.com/	1970-01-20 13:46:42	Name: mc Value: 62c3a383-5d8cb-61a9d-b0526
.casalemedia.com/	1970-01-20 06:26:04	Name: CMPS Value: 2259
.casalemedia.com/	1970-01-20 13:02:04	Name: CMID Value: YsOjg2G.u1iSvj9lapdBGAAA
.casalemedia.com/	1970-01-20 06:26:04	Name: CMTS Value: 816
.casalemedia.com/	1970-01-20 06:26:04	Name: CMPRO Value: 2447
.pubmatic.com/	1970-01-20 04:17:54	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 06:26:04	Name: KADUSERCOOKIE Value: 97A51DC2-BE9E-4690-8D15-DD6CF1085516

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIClvgCiEXdYt0CiWyy6v1U&google_cver=1&google_push=ARnp8GDqAp23ZB3BPEsuxX2vGAP920l1BWQLXjKI1KSBBdGGETQC7kg7oZw_g_N_gZvE5jrZHHRGr8NIJFByaC82W8cBMFV_A9gVSA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJpJUspvj7_4jKTFff6Iv9E&google_cver=1&google_push=ARnp8GA7yJm_1paqADUcFXOvPB0wIqYeBORabKylkRZNDrlGnyEAoF7lzv4pNGZVxnexYDMliZvnZxh3pIj1Kw3-xhqwou2Rfvq2-g Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.ae
adservice.google.co.uk
adservice.google.com
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
e2e3e8b938edb3e87f967fd5697a7c20.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i.lb.ua
ib.adnxs.com
image6.pubmatic.com
lb.ua
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.ae
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
104.36.113.23
13.112.193.52
142.250.184.226
142.250.185.226
142.250.74.194
157.90.133.197
172.217.18.102
20.85.9.11
2606:4700:10::6816:3f78
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::2004
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a00:1450:4014:80f::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.251.55.128
34.98.67.61
35.186.253.211
37.252.172.45
69.173.144.138
01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227
0198bcb2549a536f175807a93386df6c58c70cbca338a4cfb3b4ba311bd787db
04fc46b3ef45ba8d3f3ac32bd32bdd02a7ca030170e5c3bb193a753fca69e9d0
06f120a46101438d95839a675940169a6bab34299f5c03d359725e5adc6f9b78
087afccd6c529e8c66aaec7f26a26ede8a95bb869d3441fbfe53057022f84488
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc23550e9d2c71443943564ea832a2ab55003798ef53f9b21d8d9b175ec3cf3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1637ae76b929180a7a8c6e3c77dea665ed08c57d7f40c50cb4f711831e231932
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b438b915244cfb4e36474092f29529b78dd85c47101b54c358449eaa1204dbd
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
2223fddc9fd9fcb226b4fee328824096f8f0947488942d4835eff684f6f20929
238fd6bfe33964e23029ec158e76214d7589a7600884a653e93875ead54aeff7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a89121fad8f54a95f893f9ed304ef1599da129c37fa87d8e49fe54dd743bccb
30f1b10e7cdb74be8622b8039033af917d4a198cab252ebcacb44cca03531b9b
31e6c7b05dd655d6d4c59af29445a27887b8bb11eb156ed28955565190d249bc
34e8190c3f46c8c94ca0e70d4401c912c85f8554e31a8e463e0b2fd365befa71
3757f28598f9489bfd828141c58629b297df880d711d2030570534218e083dce
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3b04c3ae5a5e72c11319e77861a9572cd217b1e616ac39048fab4ffb3905e296
3f7bc74f9a90167fdbc4057f4115c922ff513705a84a0a75b643227ce66ce954
4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62
44201be094193ad3035ab8a6daba4f2fe336125f4b68538b5e87085ef8115e19
456d6ec26a88521359746619f76b76a252a817ac9149af2890e22c80ad602d65
47741452ef60c9f5b5fda57df152e803eb6af58df4ded1e7e954c39c6638c0fa
48f29262af26c4aa1136562fa7e9f07117cce454be01e73d0a2447be50335ec3
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b58f2b63c3bb74f4222e90697fda3170e138782cfc06cb1f200100407cde71b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5039e864dff75fe216398c279352b9a47a2d8faa6b5fa9c7e64d628cb3278d2c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505d6011800f904e9ec090292703f31de4ca886b45b9bfb28027a58809bc26a2
511ebc630ecd5a15ea057ee711aef7e4cec5f2a98b17ed16133f6fc2be07d9b2
5402af5e4ef43161b4817eb979abfa34e569c6f16c140e64a3622e3663cb105a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5831f21088fb34e8bd5a19b5f6c5b74f090a7448274b9525c744f904ea0fd3fb
5c648f86bb8be9cdc13191689a39adf2bb4bc7db598dedac8ed5f18eaebc717e
5fd251ffdcf6c638783f4296bf2f9f99cfe8dd9c00c423af840da550e7029266
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
618257c306984bbcebb7578b21d2c97249147ca3af3842514f58b1466e54940a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62698ce5007767f41a4ee4b877e888901bba6bd516632b8086b7aae7d0393c95
627ab27fb0f325c1c61574aba945ed3cf3dc1817a307237e769b014de111d960
644340a6e6ad5297bcabd9912e0a644e7957e47dc86ff49c52a31bc0155ce339
675a6507061707a6816534c0ad183bbeac908395301be21c14564b8362e22440
71fb27eb0ba355bbb56958e5d1af8c02347fd6f19f039e388d7f0a3ed2216481
7369c48ddb11cb1bdd1247b302f666e4444bfffc1232d468139624f0cdcf7423
748689026ad60d8eb6cda232271cc556b940a72fadefc8f4ff56bdc852a5fdab
75891d9336044bdd8e533fb2af9ee983472ca5988906627e07a0b93d5a0de0de
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7815453f504db28fd39f157aacb633929dbfebe8b5de0696b55deb7927c31734
783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c
7a3651fcf2059877cf8bb6badbc0b6b3413a23b8ae5bc01c12ca6d60c9c23d7d
7ca9dbead0e59dc1b0a4ddd418d1f75a9315b7aa917ac960082598d74e4e559c
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86eb97e4af426d5ffab6a6ae32b6d0b0e681badc02d1fc7f4363c86f6834028e
8718c6ce66ff884806c26a63f3e0cd1c94f6aa6558042de85ade0689fae2e83b
883fd82db2cf77c95a40d5d13470a5a106053b081b4f80f1418fb79e5fa86f63
8a191a2e50da2b6a5bd311201def5dcdbdaeca9b1e9f934d16a6f8a6d432924f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ca47a4bc98cdcd01e877b6a7527f30f7facdd5abfbd1c10a6fdfec7aff55c85
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8e37ab0a50ace4e40479109e71879fee0e712b58a49be043cb9b2be3cbe02a40
8eb63e0e6f5e6a87ad9cbd8e5b808cd5e9c55a922d394f0cd0618b0fb411bfaf
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
96096ea06ee3b15131acc2a2633144686421c604543ad1d5529cf14a5e05f9be
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1a247658f47523a7e9a5a8667550ee81fd930cf054ae8709985525cf1c8568
9ed75940da2c503503d495cae24d721a011a9aba586630c5c8335cb3cfccc3fa
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05f14c7c620b5543e8f7b92d951a808ea223ee3beee703f3b106d26a82f8c9c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a35fe2dad6c6e5e56573d1900c5fe97db6ccebabec5c3389d6b5ea2457f681af
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a04944a6c53bf8bf1929aa82141ec2a2d58ef3e5ce9cf9679fea3f2b548967
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76db7fc5d2837f6e0d2c1c95623bbad9767816da7a88348471f0ea1b40baf26
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d
b0770f6728d6f04ff46e3079bdf9bf1e39e939f7bbfb307ce3365177aa1386df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14b4ec997f3e51979a845fa634ec0e6be9f1002b6b0c51e436911532dd8ec62
b2af70c54b67fe0859b1d9e462b23c50e7d57bdeb7e69f72bff95c904e7372ac
b38feac432ed16b89b9ba5cc85096ae6fdf9109a1375edf186d641ac2e3566eb
b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd
b63201fdf258f6e06768b6bf832ef1d4e45f42238cfa6ee6cacd9f9024eee098
b68e0685ed370e4ebb403301bf3d6b2e7d391b1c31cf6d0f01e74da5bfb00c98
b6b3e7b28a9a42e63ba844037b99fe93ee58c11418530d743059002d7ec88e59
b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6
b90030d9d999a8c8ddf814de377a55700b1fccafcba9dc922234bc062a30adce
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
b9ba5ee7707869fcbb967803fd198a135a929dad8aa818779bd12c70abc9c38a
bc172828a6c179f7dbf8412af220f532bdddeb5fc4b8e0bd2a902ab26cafefcb
bc9b728c58156d1313a57943dd4870f95eb74787caef9f2346ed7716ea52bf22
bdcf1f7cad59ff71bf79987b8e244a4cff6a8b59c9c35ed4644e1939e0b3d973
be3054eb4133c0a06117e413fe3685ab6f4fc2545f86fe79ff8ef8c5324e2603
bff5f5758d357a94df2e367d007634dd6c37cf4a73f55ca9782b4cd54f7f0fc7
c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be
c2e7e445cd4008d429b96b216be70f43b5749b580d0356774b5bc7a8247f116a
c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678
c5d8267d0aec69b247572847bbee43a2bb731d5b9f1a047ec1d50c1bd7022f88
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
cbe063ba788a33a4097f2697350fd7f5df06e4a39461a824bd4d43b783d704a4
cd937f8698192e0f5a73ffa2fb593c18e69d8808aa655ec0d49754ba65fc0ee3
cea2a493562c7f71e4aac2c587ccb31ec493b1cc15c85dfc912e5abb73f2aada
d3404f46df92e35dd258fbaffac09dc961e1baa88ccef7ba51ab687764b10fa4
d4845cb2c91e9c8e207c9f6124f2f2b2751003f4fbce3836d0f1804f69ced89d
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d612a62be02fbe05b5482648fa02ffafdbbe04018d4eeb68092a5687e25c3ece
e0b4c5775bfe5b011168ffc277b797b82b9e7da5b9b3370c83adb3bead1dc1e8
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e31ad003da107c8c5179c7f943fa93db2c3f26891deadf7fbb15e771ef23d058
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f368288e50905f2363eca102edf2cb51a734e0e2d1d97a71107ec852d1132a
e590c2b7889ff95626b9345381bbf2cef0100f34af786fee9cfee094bc1825e2
e78edeaad67d31825ebe75ae2b73b46cb5e85722ff15c7fedfc20eaef8e0d174
eefa6d73ff4d76dd69f36414edb3e4b48ea8a5ba3df748f99b17494079537b85
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02cc3254f34513a4dacd336850ec26d769422f78a814e71abe2a5fd5d0803f6
f1388f86a4d80a585639c425ed44ffffd231e99cad07f33204650dbeb14b52ea
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5
f6fcf69eaea919957c31b5334a776c871f44e582871329c3481ec2817805288e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f9477776b9b7a62de4a8d847ac31c392b42d85727ef9aec9fc1fc06d2420fea8
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

lb.ua Open in urlscan Pro 2606:4700:10::6816:3f78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

91 %HTTPS

58 %IPv6

25 Domains

37 Subdomains

30 IPs

6 Countries

2805 kBTransfer

5435 kBSize

19 Cookies

13 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lb.ua Open in urlscan Pro
2606:4700:10::6816:3f78 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

91 %
HTTPS

58 %
IPv6

25
Domains

37
Subdomains

30
IPs

6
Countries

2805 kB
Transfer

5435 kB
Size

19
Cookies

208 HTTP transactions
8 data transactions