urlscan.io logo urlscan.io
SecurityTrails logo

ukr-mova.in.ua Open in urlscan Pro
2a00:7a60:0:1054::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukr-mova.in.ua/
Effective URL: https://ukr-mova.in.ua/
Submission: On April 25 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 112 HTTP transactions. The main IP is 2a00:7a60:0:1054::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is ukr-mova.in.ua.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.
This is the only time ukr-mova.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2a00:7a60:0:1... 200000 (UKRAINE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 74.121.143.246 30419 (MEDIAMATH...)
18 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 104.89.34.137 16625 (AKAMAI-AS)
2 104.79.88.164 16625 (AKAMAI-AS)
1 50.112.185.104 16509 (AMAZON-02)
112 24
18    2a00:7a60:0:1054::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
ukr-mova.in.ua
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
22    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
sandbox-api-esp.piano.io
10    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    74.121.143.246 (United States)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
18    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.89.34.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-34-137.deploy.static.akamaitechnologies.com
creative.mathads.com
2    104.79.88.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    50.112.185.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-185-104.us-west-2.compute.amazonaws.com
endpoint1.collection.us2.sumologic.com
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 96
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
392 KB
22 piano.io
sandbox-api-esp.piano.io — Cisco Umbrella Rank: 758593
54 KB
18 ukr-mova.in.ua
ukr-mova.in.ua
615 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
99 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 98
adservice.google.com — Cisco Umbrella Rank: 64
www.google.com — Cisco Umbrella Rank: 2
73 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
45 KB
5 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2525
pixel.mathtag.com — Cisco Umbrella Rank: 1138
6 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
109 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9242
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 137
83 KB
1 sumologic.com
endpoint1.collection.us2.sumologic.com — Cisco Umbrella Rank: 9704
1 mathads.com
creative.mathads.com — Cisco Umbrella Rank: 10071
143 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 610
29 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 773
650 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
346 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
67 KB
112 18
Domain Requested by
22 sandbox-api-esp.piano.io ukr-mova.in.ua
sandbox-api-esp.piano.io
18 tpc.googlesyndication.com googleads.g.doubleclick.net
ukr-mova.in.ua
tpc.googlesyndication.com
pagead2.googlesyndication.com
18 ukr-mova.in.ua 1 redirects ukr-mova.in.ua
12 pagead2.googlesyndication.com ukr-mova.in.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
ukr-mova.in.ua
googleads.g.doubleclick.net
4 fonts.googleapis.com sandbox-api-esp.piano.io
googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 tags.mathtag.com googleads.g.doubleclick.net
2 pixel.mathtag.com googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 apis.google.com ukr-mova.in.ua
apis.google.com
2 connect.facebook.net ukr-mova.in.ua
connect.facebook.net
1 endpoint1.collection.us2.sumologic.com googleads.g.doubleclick.net
1 creative.mathads.com googleads.g.doubleclick.net
1 code.jquery.com sandbox-api-esp.piano.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ukr-mova.in.ua
112 23

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
twitter.com
Subject Issuer Validity Valid
www.ukr-mova.in.ua
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-05 -
2023-04-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.mathads.com
DigiCert SHA2 Secure Server CA		 2022-02-21 -
2023-02-22		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
endpoint1.collection.us2.sumologic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-05 -
2023-01-05		 a year crt.sh

This page contains 14 frames:

Primary Page: https://ukr-mova.in.ua/
Frame ID: 12F2C5F5F2F358A8767DD7A5E3225031
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Frame ID: 19E875CF82BF6AE660E60DE0571A6AA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&adk=1812271804&adf=3025194257&lmt=1650854941&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fukr-mova.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941558&bpp=3&bdt=663&idt=327&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=166259595107&frm=20&pv=2&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=353
Frame ID: 67688EDE8F090BD045663A33BAAF78AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Frame ID: 1C9C57EB01E13B52016D864C205911B8
Requests: 1 HTTP requests in this frame

Frame: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Frame ID: F25395DA53EEEB02FEB6DEDB4466AC51
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CUECsHgxmYti1BJnYtwfdh684z4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqAMBqgS1AU_Q_Q0mHWWwPFIhR1lNX1YKIgTbqmkV-uvh6awVUgTi7LUhRhDI_-lJ1SigR7f3ZnUIuktN1IjrdXfFaezFFeLjPVU2u9EkFburSbzyPKx4X8pkzPzVdTgMxNMVMzxl_VirjpSKr2V_QkwrA-FfypdncSvQKaqaeX6LCT31Xl_fW_YvCfbfie18X0iF35kbgap8tMcqtObz4I0jFQKOE37SMO--kyqeSbmB24NQ0Zusf1HCYYWABubOqPms2picWaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1MDM0ODg5NTQ5OTE0OTAYAA&sigh=bSKJ-_DxzOU&uach_m=[UACH]&cid=CAQSGwCNIrLMPJNpsEItDdAcvlAOE-Ef_yhkk511YRgB&tpd=AGWhJmuzUl3fe8PBJD4uk5nZuZpwmN_MK3GC0YVyqn8Nw4yHXhJa9fe2FOuYr52u6PP899p6FTWL09SCVmU_WV6gIe-MTsASvw09ifBv-9p1sR9tzmIQQw_d7ZN-ao_AKtljo5S_vsEWwSsXXscHvLa37QQ00WrimQ0YUavnmfkD1E6wgnzYk3DczZuXjEVr593BsyYYoAnvDXwTGNaoQJvpAv-UtCaqTE4gycQr5rGN4YsPSy-eObLASbwwVy8YKYc3_uQT_qzFqsApaZZWJVkkHLGaci_j3L3OQ6jHMiFRM4nyX_uIN7iHyJzBDSv0IshAyf6KUXTz8oETuidgloihsjmaF_j9gaVaqBcHBvHX41uAKYTPndXLkYrVYy-MFyPwEr6NQBM7RuWbt5DOqDYeFSqsM1NKQfL8FYEt6Sb4GAa8tHy9rxxkINqXt3ZPB6jMQMIZaJTM9uiDUwO5xU5g7XQL_5LS7wjOq6Zkd3Cc2TZxiH19xOqTnI53VA2Wr9zYgndqWsuHauVjWAgVSI39v_g8uSOH4I1wnkUvO3Ae0eFqBfC2luDtOt46LwUQ4RBr58Tykh5Tb338486tNLcWnWuiG3PAAHWqe8wJlX1ymJSx4jMWVvB2UIG4jJ23sjNbBvvFENFuKZN3ZwWpArwkIUeYwNFJwkv6OjKgJtNiuOIHNQ09-0lVnetgIPnvlwi2H3xvBtO3HGvIu09X3P2uu4g2OCuy6GZSLWOkF94_8tiGJSvGvw_Js8LPKTkelh1yCwvA8PQk0yjYT7yDu_6hjPCGsqCJJ_2RL8anryLZlONwSmcLJCd_UCadxdJKsuRK9A8ox0AHGOEuFdL0dtX6tZGhvomPXWO_C_jdRvtBVRDr0yboAPN2Au23jtlK6vXmB9tBKbAn4e8TYMH_gRrwsywwxuUGZBEwwo78-KJHKnMDmmBRwh5yWXlaAWrWfF5T6cVXdFL_eYb8LgjwjJZsIBEXl9pd4jMMZwz45Yq9BU0WjaH_QrN0MB4ITG-zx78zVZPcDHCelANPcOVIZD297YdGgdFWYngiIv_P8elXVHG40fGYXkijnUL7pCpPPbBtWfKw6h4P3kc
Frame ID: B497046E9F459B810228157DB817C161
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9CFB64244A103DD87BFB1EF984A8A0A5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 939EC636F48156D0D20A2EDC2EE860D5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html
Frame ID: 914F32C8D0EC199ABFFA9FECB30588AC
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FD34594F2361A74391A630201943884B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C756B204616FA1E8BDA96D86A66DF685
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
Frame ID: 1A0FD625184E86B52A9432E46515731E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52D876C7550D0FC429188511C3996A01
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 976734D0D18D92ACF5F94A475AE68538
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Лепетун допоможе вам вивчити українську мову швидко і весело | Мова – ДНК нації

Page URL History Show full URLs

  1. http://ukr-mova.in.ua/ HTTP 301
    https://ukr-mova.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

99 %
HTTPS

78 %
IPv6

18
Domains

23
Subdomains

24
IPs

4
Countries

1719 kB
Transfer

3775 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukr-mova.in.ua/ HTTP 301
    https://ukr-mova.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ukr-mova.in.ua/
Redirect Chain
  • http://ukr-mova.in.ua/
  • https://ukr-mova.in.ua/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
f519743889272b88c22b31f23f37f75b7789672564d94fb527b0fdf36a8225db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 02:49:00 GMT
pragma
no-cache
server
nginx
x-page-speed
on
x-ray
p1053:0.110/wn658:0.100/wa658:D=103804

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 25 Apr 2022 02:49:00 GMT
Location
https://ukr-mova.in.ua/
Server
nginx
x-ray
p1053:0.000/wn658:0.000/
jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
ukr-mova.in.ua/assets/templates/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed
on
x-ray
p1053:0.000/p1053:0.000/wn16980:0.000/wn658:0.000/
content-encoding
gzip
x-original-content-length
93107
server
nginx
etag
W/"0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
date
Mon, 25 Apr 2022 02:49:00 GMT
last-modified
Sat, 16 Apr 2022 08:53:15 GMT
accept-ranges
bytes
content-length
32695
expires
Sun, 16 Apr 2023 08:53:15 GMT
js
www.googletagmanager.com/gtag/ 		180 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b0fb7588bdef04f78ab7ed5959a3d9526b3691620dd492a4fea7f2861654533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67832
x-xss-protection
0
expires
Mon, 25 Apr 2022 02:49:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5382ca374b2090d0e344a7c5892d215a6197e71d716a3ca09ba7edb963bbf68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54441
x-xss-protection
0
server
cafe
etag
8311207027522158938
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 02:49:01 GMT
A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
ukr-mova.in.ua/assets/components/minifyx/cache/ 		216 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
5ff4df129472ce117df4b51bb3cd58f6ea514d85a63ff77a5df4c5d20ce5cd2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed
on
x-ray
p1053:0.000/p1053:0.000/wn658:0.000/
content-encoding
gzip
x-original-content-length
221389
server
nginx
etag
W/"0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
date
Mon, 25 Apr 2022 02:49:00 GMT
last-modified
Sun, 24 Apr 2022 17:54:35 GMT
accept-ranges
bytes
content-length
30292
expires
Mon, 24 Apr 2023 17:54:35 GMT
A.mova.css.pagespeed.cf.hW0QbgvBSY.css
ukr-mova.in.ua/assets/components/ajaxform/css/ 		504 B
545 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0c3b4742a2f051d5b4563017922c6a5a812a94176b935ec0ef0e7692310b6561

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed
on
x-ray
p1053:0.000/p1053:0.010/wn16980:0.000/wn658:0.000/
content-encoding
gzip
x-original-content-length
565
server
nginx
etag
W/"0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
date
Mon, 25 Apr 2022 02:49:00 GMT
last-modified
Sun, 24 Apr 2022 17:54:35 GMT
accept-ranges
bytes
content-length
243
expires
Mon, 24 Apr 2023 17:54:35 GMT
Mova_533.png
ukr-mova.in.ua/assets/uploads/images/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukr-mova.in.ua/assets/uploads/images/Mova_533.png
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
65f64c32be0b31cf5b3e60f6fe16fe0545e49375c5486490d10da3be8c823184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.000/wn658:0.000/
last-modified
Tue, 15 Mar 2022 13:05:57 GMT
server
nginx
etag
"62308f35-2a640"
content-type
image/png
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
173632
expires
Wed, 25 May 2022 02:49:01 GMT
Mova_519.png
ukr-mova.in.ua/assets/uploads/images/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukr-mova.in.ua/assets/uploads/images/Mova_519.png
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
99029fb71cd6a48830667e3e71970eb8b2883c39e9ea26cfa70a9e078b280467

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.000/wn658:0.000/
last-modified
Fri, 03 Dec 2021 09:29:27 GMT
server
nginx
etag
"61a9e377-253e0"
content-type
image/png
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
152544
expires
Wed, 25 May 2022 02:49:01 GMT
Vprava_19.png
ukr-mova.in.ua/assets/uploads/images/exercise/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukr-mova.in.ua/assets/uploads/images/exercise/Vprava_19.png
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1a642d998a7bb9a6451c45ec09b036fd3e9a9503a50543aff9d662abe3ef98ca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.000/wn658:0.000/
last-modified
Wed, 19 Jan 2022 14:17:45 GMT
server
nginx
etag
"61e81d89-23c20"
content-type
image/png
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
146464
expires
Wed, 25 May 2022 02:49:01 GMT
minifyx,_cache,_scripts_85e1a56646.min.js+ajaxform,_js,_default.js.pagespeed.jc.sl3QhsaXLy.js
ukr-mova.in.ua/assets/components/ 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/components/minifyx,_cache,_scripts_85e1a56646.min.js+ajaxform,_js,_default.js.pagespeed.jc.sl3QhsaXLy.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
faf82bdf4232c3b4b2e84f909652553508b656cd578b2160415e6bd8afbe7bbb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed
on
date
Mon, 25 Apr 2022 02:49:01 GMT
content-encoding
gzip
x-original-content-length
86428
server
nginx
etag
W/"0"
vary
Accept-Encoding
content-type
application/javascript
x-ray
p1053:0.000/
cache-control
max-age=31536000
last-modified
Sat, 16 Apr 2022 08:53:15 GMT
accept-ranges
bytes
content-length
23634
expires
Sun, 16 Apr 2023 08:53:15 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb31684779b0b969105603eceb28d7d539412520757a21587d17a5c6518249a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TJ0iHaJBkZy/Ay+lzLs72w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 25 Apr 2022 02:55:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
BrYUii9Z0fmzX1f4F+oxX5Ba2j3V5guPlS+TA7L8L5h3V+vLAvKuVI8pG+9r3f9e9pyvi8NC9yYpGBgmWrES/g==
x-fb-trip-id
686109401
x-fb-content-md5
a2a5a4c0b75ab8b2eafd2031e6a20f51
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 25 Apr 2022 02:49:01 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"40be1df2fed0f6fa13248dfe97397d03"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js?onload=onLoadCallback
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe774dc02289295b99fc13974fd4febec3f447337f31005d7c93e1007670e8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20366
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 25 Apr 2022 02:49:01 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"cef18018b1a86512"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 02:49:01 GMT
jquery.jgrowl.min.css
ukr-mova.in.ua/assets/components/ajaxform/css/lib/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/components/ajaxform/css/lib/jquery.jgrowl.min.css
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.000/wn658:0.000/
last-modified
Wed, 08 Nov 2017 08:09:22 GMT
server
nginx
etag
"5a02bbb2-6af"
content-type
text/css
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
1711
expires
Wed, 25 May 2022 02:49:01 GMT
collect
www.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RGJRK45Q0D&gtm=2oe4k0&_p=1305260114&_z=ccd.NbB&cid=909928275.1650854941&ul=en-us&sr=1600x1200&_s=1&sid=1650854941&sct=1&seg=0&dl=https%3A%2F%2Fukr-mova.in.ua%2F&dt=%D0%9B%D0%B5%D0%BF%D0%B5%D1%82%D1%83%D0%BD%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%B2%D0%B0%D0%BC%20%D0%B2%D0%B8%D0%B2%D1%87%D0%B8%D1%82%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%83%20%D0%BC%D0%BE%D0%B2%D1%83%20%D1%88%D0%B2%D0%B8%D0%B4%D0%BA%D0%BE%20%D1%96%20%D0%B2%D0%B5%D1%81%D0%B5%D0%BB%D0%BE%20%7C%20%D0%9C%D0%BE%D0%B2%D0%B0%20%E2%80%93%20%D0%94%D0%9D%D0%9A%20%D0%BD%D0%B0%D1%86%D1%96%D1%97&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 02:49:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ukr-mova.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Bg.png
ukr-mova.in.ua/assets/templates/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukr-mova.in.ua/assets/templates/images/Bg.png
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1492f13f86dec17d82703c69f04876ac6d2eb57f331b8319076590cef2d6a4ec

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.000/wn658:0.000/
last-modified
Sun, 04 Jan 2015 11:46:42 GMT
server
nginx
etag
"54a92822-12c4"
content-type
image/png
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
4804
expires
Wed, 25 May 2022 02:49:01 GMT
Mova.png
ukr-mova.in.ua/assets/templates/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukr-mova.in.ua/assets/templates/images/Mova.png
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
76e8afd1a54e3c4a9a0e604b4766afe94381eb62ad8bff5b3c641e7a970f0e66

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.000/wn658:0.000/
last-modified
Wed, 10 Dec 2014 19:11:12 GMT
server
nginx
etag
"54889ad0-17c3"
content-type
image/png
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
6083
expires
Wed, 25 May 2022 02:49:01 GMT
PragmaticaLightC.woff
ukr-mova.in.ua/assets/templates/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/templates/fonts/PragmaticaLightC.woff
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
62c1857dee37b756c49089ed0d15e32fbd1bae2cf3d581fc924ff695dc206e0d

Request headers

Referer
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin
https://ukr-mova.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.010/wn658:0.000/
last-modified
Wed, 10 Dec 2014 19:11:08 GMT
server
nginx
etag
"54889acc-3cd8"
content-type
font/woff
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
15576
expires
Wed, 25 May 2022 02:49:01 GMT
icomoon.woff
ukr-mova.in.ua/assets/templates/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/templates/fonts/icomoon.woff?-sm9jq8
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
025d6947e5924707bf0315200f65bd967680ba42e5c8e6b6948fa9405ccdf9d8

Request headers

Referer
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin
https://ukr-mova.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.010/wn658:0.000/
last-modified
Tue, 23 May 2017 20:22:06 GMT
server
nginx
etag
"592499ee-1e10"
content-type
font/woff
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
7696
expires
Wed, 25 May 2022 02:49:01 GMT
PragmaticaC.woff
ukr-mova.in.ua/assets/templates/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/templates/fonts/PragmaticaC.woff
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
11237bed4d1fa875bf345142d50731137039190b47aa457efd5c6c0aeec93755

Request headers

Referer
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin
https://ukr-mova.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.001/wn658:0.000/
last-modified
Wed, 10 Dec 2014 19:11:06 GMT
server
nginx
etag
"54889aca-3bf4"
content-type
font/woff
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
15348
expires
Wed, 25 May 2022 02:49:01 GMT
icomoon-soc.woff
ukr-mova.in.ua/assets/templates/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/templates/fonts/icomoon-soc.woff?-sm9jq8
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
94dc26972578717e2b66d6e19d4384d3a202ac8f638f5c4f6c795ce2219049c4

Request headers

Referer
https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin
https://ukr-mova.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.001/wn658:0.000/
last-modified
Tue, 23 May 2017 20:25:25 GMT
server
nginx
etag
"59249ab5-830"
content-type
font/woff
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
accept-ranges
bytes
content-length
2096
expires
Wed, 25 May 2022 02:49:01 GMT
sdk.js
sandbox-api-esp.piano.io/public/sdk/v04/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:01 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
141660
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 18 Apr 2022 11:21:59 GMT
server
cloudflare
etag
W/"1bbec-1803c686fd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c3586f604071-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:01 GMT
jquery.form.min.js
ukr-mova.in.ua/assets/components/ajaxform/js/lib/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/components/ajaxform/js/lib/jquery.form.min.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.002/wn658:0.000/
content-encoding
br
last-modified
Wed, 08 Nov 2017 08:09:22 GMT
server
nginx
etag
W/"5a02bbb2-3983"
content-type
application/javascript
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
expires
Wed, 25 May 2022 02:49:01 GMT
jquery.jgrowl.min.js
ukr-mova.in.ua/assets/components/ajaxform/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ukr-mova.in.ua/assets/components/ajaxform/js/lib/jquery.jgrowl.min.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
9fdc13189ace49bfcaf1cedffaec9e88aba48b26210730af49cd1893f270ac98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1053:0.001/wn658:0.000/
content-encoding
br
last-modified
Wed, 08 Nov 2017 08:09:22 GMT
server
nginx
etag
W/"5a02bbb2-1572"
content-type
application/javascript
cache-control
max-age=2592000
date
Mon, 25 Apr 2022 02:49:01 GMT
expires
Wed, 25 May 2022 02:49:01 GMT
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=412c9bae7f0c274254ee749ced310f43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1459c29601d31798b7519040a50131c08ba3007878122d29a5e31f837b18ddbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ukr-mova.in.ua/
Origin
https://ukr-mova.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jjzIZlOWsqF4Yxz1/323mw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 25 Apr 2023 01:09:50 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82872
x-fb-rlafr
0
x-fb-debug
dkfP48N11jFUPhDnxTz91AG564iIi8CFAZapkAZSiLKj5ZJ+fdSAQs7mKH+pPDW+qfRXI36IMFXjnzb95VNNKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
95a1154a485fcc5a9346218b77f6471c
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 02:49:01 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6ef081c3acd0012ca54a70f469f453e1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?onload=onLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6711165e438cedf58d04ad0be1d48980ff8c9448ad06b5d83bfd846ec76ce170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 23:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52041
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 23:33:35 GMT
584
sandbox-api-esp.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/publisher/fusion/lucid/data/584?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ukr-mova.in.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://ukr-mova.in.ua
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7013c3591fcf743f-LHR
date
Mon, 25 Apr 2022 02:49:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
584
sandbox-api-esp.piano.io/publisher/fusion/lucid/data/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/publisher/fusion/lucid/data/584?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ce972cb576495c09bc78eacc9a3d2f21b0e55d4dfb57f96af268abaa712c92
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ukr-mova.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"e1d-GP/dAIrUReDFMS+eOa1EkMvWYxA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ukr-mova.in.ua
access-control-allow-credentials
true
cf-ray
7013c35a5a998e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 		305 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
913421becbc0c9c5d278ee24c9d48ecbd948cb6eef2874988f1c88c6d324d25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111275
x-xss-protection
0
server
cafe
etag
16956532593986661569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 02:49:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/ Frame 19E8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
14888
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 22:40:53 GMT
etag
14837630671339829333
expires
Sun, 08 May 2022 22:40:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ukr-mova.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=391185391051135&input_token&origin=1&redirect_uri=https%3A%2F%2Fukr-mova.in.ua%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=412c9bae7f0c274254ee749ced310f43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
BKI89S/YaMUpOogQgOMh73I6jWtIuvv/VGlssis1LrtKhTtfp29kvkiXtPqfDsXtA5Y4k3Zu72G8gHPll1TehQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Mon, 25 Apr 2022 02:49:01 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ukr-mova.in.ua
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ukr-mova.in.ua&callback=_gfp_s_&client=ca-pub-6503488954991490
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
86e24cb22f7ce0940b84b04185ddbfe4506424a1bd19dd2f58b4029d9ba8aeb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ukr-mova.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ukr-mova.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6768 		276 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&adk=1812271804&adf=3025194257&lmt=1650854941&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fukr-mova.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941558&bpp=3&bdt=663&idt=327&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=166259595107&frm=20&pv=2&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=353
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4316374da7da18b5620be605ae73b43253c1196e689141746534af0da88518a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
75885
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 02:49:02 GMT
expires
Mon, 25 Apr 2022 02:49:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C9C 		29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d0168ef42e178587bc4af8236e9f3ce756cf700dcce08bc459bb3cfd6489045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11068
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 02:49:02 GMT
expires
Mon, 25 Apr 2022 02:49:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iframeResizer.min.js
sandbox-api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vx.1.92.11-d10d258&p=700
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205790
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"2e2f-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35d0d038e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
state-machine.min.js
sandbox-api-esp.piano.io/public/sdk/vx/lib/state-machine/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vx.1.92.11-d10d258&p=700
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205790
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"f2a-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35d0d058e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
displayer.js
sandbox-api-esp.piano.io/public/sdk/vx/widgets/base/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vx.1.92.11-d10d258&p=700
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205790
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"8abb-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35d0d088e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
displayer.js
sandbox-api-esp.piano.io/public/sdk/vx/widgets/sticky_bottom/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/sticky_bottom/displayer.js?v=vx.1.92.11-d10d258&p=700
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21f2c87fdaa803b3f6b750d7131ead9732d9214d1c555b873dfd5ff02d2001d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205790
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"135a-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35d0d098e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
displayer.js
sandbox-api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/displayer.js?v=vx.1.92.11-d10d258&p=700
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205790
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"3b47-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35d0d0a8e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
esp-service-worker.js
ukr-mova.in.ua/ Frame 		0
0
1981
sandbox-api-esp.piano.io/publisher/unattended/ Frame F253 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48dfcc3cce75fd4f8bf1a8e1aa9ff7f631ca0fc35a77f2d5026f3fdf2f760a30
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
sandbox-api-esp.piano.io
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000 public
cf-cache-status
DYNAMIC
cf-ray
7013c35dfdd58e26-LHR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 02:49:02 GMT
etag
W/"1df8-nSOMvLBBMi6EAhkETEayG7/QYrA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 25 Apr 2023 02:49:02 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
x-cache-status
HIT
700
sandbox-api-esp.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/tracker/lucid/visit/700?story_url=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=10z1vc52hsrj6mj1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ukr-mova.in.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://ukr-mova.in.ua
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7013c35f0c95743f-LHR
date
Mon, 25 Apr 2022 02:49:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
700
sandbox-api-esp.piano.io/tracker/lucid/visit/ 		65 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/tracker/lucid/visit/700?story_url=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=10z1vc52hsrj6mj1
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3689421e993aea1007960cc2db7beb59591ffaebdc34d4916b908675addeb811
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ukr-mova.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"41-ZQWAwlF2Btgx83VJ1b84bbTDLz4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ukr-mova.in.ua
access-control-allow-credentials
true
cf-ray
7013c35fefd68e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
adview
googleads.g.doubleclick.net/pagead/ Frame B497 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUECsHgxmYti1BJnYtwfdh684z4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqAMBqgS1AU_Q_Q0mHWWwPFIhR1lNX1YKIgTbqmkV-uvh6awVUgTi7LUhRhDI_-lJ1SigR7f3ZnUIuktN1IjrdXfFaezFFeLjPVU2u9EkFburSbzyPKx4X8pkzPzVdTgMxNMVMzxl_VirjpSKr2V_QkwrA-FfypdncSvQKaqaeX6LCT31Xl_fW_YvCfbfie18X0iF35kbgap8tMcqtObz4I0jFQKOE37SMO--kyqeSbmB24NQ0Zusf1HCYYWABubOqPms2picWaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1MDM0ODg5NTQ5OTE0OTAYAA&sigh=bSKJ-_DxzOU&uach_m=[UACH]&cid=CAQSGwCNIrLMPJNpsEItDdAcvlAOE-Ef_yhkk511YRgB&tpd=AGWhJmuzUl3fe8PBJD4uk5nZuZpwmN_MK3GC0YVyqn8Nw4yHXhJa9fe2FOuYr52u6PP899p6FTWL09SCVmU_WV6gIe-MTsASvw09ifBv-9p1sR9tzmIQQw_d7ZN-ao_AKtljo5S_vsEWwSsXXscHvLa37QQ00WrimQ0YUavnmfkD1E6wgnzYk3DczZuXjEVr593BsyYYoAnvDXwTGNaoQJvpAv-UtCaqTE4gycQr5rGN4YsPSy-eObLASbwwVy8YKYc3_uQT_qzFqsApaZZWJVkkHLGaci_j3L3OQ6jHMiFRM4nyX_uIN7iHyJzBDSv0IshAyf6KUXTz8oETuidgloihsjmaF_j9gaVaqBcHBvHX41uAKYTPndXLkYrVYy-MFyPwEr6NQBM7RuWbt5DOqDYeFSqsM1NKQfL8FYEt6Sb4GAa8tHy9rxxkINqXt3ZPB6jMQMIZaJTM9uiDUwO5xU5g7XQL_5LS7wjOq6Zkd3Cc2TZxiH19xOqTnI53VA2Wr9zYgndqWsuHauVjWAgVSI39v_g8uSOH4I1wnkUvO3Ae0eFqBfC2luDtOt46LwUQ4RBr58Tykh5Tb338486tNLcWnWuiG3PAAHWqe8wJlX1ymJSx4jMWVvB2UIG4jJ23sjNbBvvFENFuKZN3ZwWpArwkIUeYwNFJwkv6OjKgJtNiuOIHNQ09-0lVnetgIPnvlwi2H3xvBtO3HGvIu09X3P2uu4g2OCuy6GZSLWOkF94_8tiGJSvGvw_Js8LPKTkelh1yCwvA8PQk0yjYT7yDu_6hjPCGsqCJJ_2RL8anryLZlONwSmcLJCd_UCadxdJKsuRK9A8ox0AHGOEuFdL0dtX6tZGhvomPXWO_C_jdRvtBVRDr0yboAPN2Au23jtlK6vXmB9tBKbAn4e8TYMH_gRrwsywwxuUGZBEwwo78-KJHKnMDmmBRwh5yWXlaAWrWfF5T6cVXdFL_eYb8LgjwjJZsIBEXl9pd4jMMZwz45Yq9BU0WjaH_QrN0MB4ITG-zx78zVZPcDHCelANPcOVIZD297YdGgdFWYngiIv_P8elXVHG40fGYXkijnUL7pCpPPbBtWfKw6h4P3kc
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 02:49:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 02:49:02 GMT
js
tags.mathtag.com/notify/ Frame B497 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVRoaE1EZ3dNVFl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzQ2NTY1OTk1NTkzMjYzNTEvMTAxNDQzNDAvOTU4NzU1OC80L0dyQjZQcjB3VU5JTk50VW5JNVdja0VmaklQZFpYSk9Qel9xSzdna1c4R0kvMS80LzAvMC8xNjk5NTI5LzAvMjQ3NzIzLzEwMTY2NjEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMS8zOTc0NjU2NTk5NTU5MzI2MzUxL3pyaC8wLzk2NjcvODEvNTEvMjU4LzJhMDE6NGEwOjJjOjovMC4wMDAvMTY1MDg1NDk0Mi8xNjUwODY3NTQyLzQvcHViLTY1MDM0ODg5NTQ5OTE0OTAv/Kf0vVNQOXq3Fmpt5988CrtGVK8M&nodeid=1834&group=zrh&auctionid=3974656599559326351&shardkey=3974656599559326351&sid=9587558&cid=10144340&bp=a_ajdefi&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.144&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcVMZHgxmYti1BJnYtwfdh684z4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi02NTAzNDg4OTU0OTkxNDkwyAEJqAMBqgS4AU_Q_Q0mHWWwPFIhR1lNX1YKIgTbqmkV-uvh6awVUgTi7LUhRhDI_-lJ1SigR7f3ZnUIuktN1IjrdXfFaezFFeLjPVU2u9EkFburSbzyPKx4X8pkzPzVdTgMxNMVMzxl_VirjpSKr2V_QkwrA-FfypdncSvQKaqaeX6LCT31Xl_fW_YvCfbfie18X0iF35kbw6hdJmuWEOF-RMWIzUIh42PGOlO0vTJ_9HnBdHnxz7e00ch-ZgjxgPuABubOqPms2picWaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UodQGC2ra1cqeouZspYQ6Hi7jHw%26client%3Dca-pub-6503488954991490%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
2552963914ffec13595289b4eb7bee5c0a3fe2a4298127cded4d57bf682a662b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 02:49:03 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1650854942
Last-Modified
Mon, 25 Apr 2022 02:49:02 GMT
Server
MMBD/3.309.0
x-mm-latency
318 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
pao-router-x89, zrh-bidder-x141
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Mon, 25 Apr 2022 02:49:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame B497 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 02:22:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B497 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 02:49:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame B497 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 02:26:27 GMT
styles.css
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/ Frame F253 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/styles.css?v=vx.1.92.11-d10d258
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e5c5a378ee4fa9b338c69434dc4b624749b170c0a09bbe8d8c1d14e2391335
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205789
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"123a-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/css; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35f3f418e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
styles.css
sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/ Frame F253 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/styles.css?v=vx.1.92.11-d10d258
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90532202ccd82df3cbc1db9c4aa50fd85dc2bc50dcbe39f37c36da16889d3009
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205789
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"ab7-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
text/css; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35f3f428e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
jquery-2.2.0.min.js
code.jquery.com/ Frame F253 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e55"
vary
Accept-Encoding
x-hw
1650854942.dop246.am5.t,1650854942.cds317.am5.hn,1650854942.cds304.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
state-machine.min.js
sandbox-api-esp.piano.io/public/sdk/v04/lib/state-machine/ Frame F253 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/lib/state-machine/state-machine.min.js
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205789
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 18 Apr 2022 11:21:59 GMT
server
cloudflare
etag
W/"f2a-1803c686fd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35f3f448e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
iframeResizer.contentWindow.min.js
sandbox-api-esp.piano.io/public/sdk/v04/lib/iframeResizer/ Frame F253 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/lib/iframeResizer/iframeResizer.contentWindow.min.js
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e8e00881d1c861282dfedc25dab47cb9140df10ad6221367451780907e47fb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205789
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 18 Apr 2022 11:21:59 GMT
server
cloudflare
etag
W/"3411-1803c686fd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35f3f458e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
form.js
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/ Frame F253 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/form.js?v=vx.1.92.11-d10d258
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a9fc41a0e356987fe32c9ada7bd7fcd26b21436d18e94229d1b58f4cef50a7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205789
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"3a15-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35f3f468e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
form.js
sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/ Frame F253 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/form.js?v=vx.1.92.11-d10d258
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
323e72bcc317bd42257844c45b1631b698ee06f75eed96b1bd6538ad10fb2052
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
205789
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"f7c-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c35f3f478e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
css
fonts.googleapis.com/ Frame F253 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sandbox-api-esp.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 01:59:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 02:49:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 02:49:02 GMT
700
sandbox-api-esp.piano.io/push/sdk/event/ 		39 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/push/sdk/event/700
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ukr-mova.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
vary
X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
server
cloudflare
etag
W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ukr-mova.in.ua
access-control-allow-credentials
true
cf-ray
7013c36028088e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
700
sandbox-api-esp.piano.io/push/sdk/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/push/sdk/event/700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ukr-mova.in.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://ukr-mova.in.ua
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7013c35f3cc1743f-LHR
date
Mon, 25 Apr 2022 02:49:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
700
sandbox-api-esp.piano.io/push/sdk/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/push/sdk/event/700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ukr-mova.in.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://ukr-mova.in.ua
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7013c35f3cc2743f-LHR
date
Mon, 25 Apr 2022 02:49:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
700
sandbox-api-esp.piano.io/push/sdk/event/ 		39 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/push/sdk/event/700
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ukr-mova.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
vary
X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
server
cloudflare
etag
W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ukr-mova.in.ua
access-control-allow-credentials
true
cf-ray
7013c360280a8e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/reactive_library_fy2019.js?bust=31067205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b681067e28c7823df51f9f1afad004cb35e775edbdb22107c377b906be2f4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52677
x-xss-protection
0
server
cafe
etag
1491599116460425297
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 02:49:02 GMT
icomoon.woff
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/fonts/ Frame F253 		3 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/fonts/icomoon.woff?vx.1.92.11-d10d258
Requested by
Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.92.11-d10d258
Origin
https://sandbox-api-esp.piano.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
20524
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 16:44:19 GMT
server
cloudflare
etag
W/"b70-1804d029eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/font-woff
access-control-allow-origin
https://sandbox-api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7013c36098678e26-LHR
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Tue, 25 Apr 2023 02:49:02 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ukr-mova.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ukr-mova.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 02:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/ Frame 9CFB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
12861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 23:14:41 GMT
etag
14837630671339829333
expires
Sun, 08 May 2022 23:14:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/ Frame 939E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
12861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 23:14:41 GMT
etag
14837630671339829333
expires
Sun, 08 May 2022 23:14:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 9CFB 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 01:55:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 02:49:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 02:49:03 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9CFB 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 23:42:32 GMT
x-content-type-options
nosniff
age
11191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 24 Apr 2023 23:42:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9CFB 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 22:23:35 GMT
x-content-type-options
nosniff
age
15928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 24 Apr 2023 22:23:35 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 9CFB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00b5ad225f6bd985e1acb1b8c2ea9a744fb620f4224fb87ebffac757410fc906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 21:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8221
x-xss-protection
0
server
cafe
etag
14822281365529955957
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 21:22:58 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/ Frame 914F 		93 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1df2941e49923168f86f26e3ba47c061c0ce5786e72fe03a00101a9bc0ab2bf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
101410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
19430
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Apr 2022 22:38:53 GMT
expires
Sun, 23 Apr 2023 22:38:53 GMT
last-modified
Thu, 10 Feb 2022 09:41:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 939E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CA-j_HgxmYt79A4Sq3wPWta6YAYXtovli6KGlz-oP9MK1q64BEAEg7YqoJ2CVAqABreHg8ALIAQmpAurwgxMyH7I-qAMByANIqgTcAU_Q0JmYubuw7sFSrKt4w6igaeqzbJwYqLmawEbBzQZluD8K9GVwOKeYjGdE1SFZhDenHPbKSdfRA_amuqmlkjnNC06Nfipzl4km62oOvXaPSVvdo1cYeIvhWfjxvxgWwbUM2_SAp5vBPc6PQIiNTJcRaOjTXf3_qi-00Q1Hlt0ehRdByHqak7KUeDRtMZW0cfdLZUdLnWY_hSZPsRuxtfrb9sHEnwczkzUnKQxR6_9i_awe8tN-vJAauTCq__zvCgn8Um8uLtqVraepE2sM5IGw7EkRnFrAqqaqzPzABPvAvoP2ApIFBAgEGAGSBQQIBRgEoAYugAe7np-PAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMegNdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NTAzNDg4OTU0OTkxNDkwGAA&sigh=FtlukZGe8PI&uach_m=[UACH]&template_id=419
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 02:49:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 939E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc3f2293f6503ff6ee63c2a69421d235a0f7881a80d89dd407ec2f15eda63fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 19:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7964
x-xss-protection
0
server
cafe
etag
4741051639382073774
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 19:28:57 GMT
css
fonts.googleapis.com/ Frame 914F 		4 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 02:33:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 02:49:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 02:49:03 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 914F 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 25 Apr 2022 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 914F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 25 Apr 2022 16:13:39 GMT
css
fonts.googleapis.com/ Frame FD34 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 01:36:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 02:49:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 02:49:03 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame FD34 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 20:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 20:37:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame FD34 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc3f2293f6503ff6ee63c2a69421d235a0f7881a80d89dd407ec2f15eda63fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 19:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7964
x-xss-protection
0
server
cafe
etag
4741051639382073774
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 19:28:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame FD34 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 22:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 22:46:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD34 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 02:49:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame FD34 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 22:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16408
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6368
x-xss-protection
0
server
cafe
etag
1861550861606854559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 22:15:35 GMT
3bde1d5944145a46a8b91d920db5ec4d.js
www.gstatic.com/mysidia/ Frame FD34 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12194
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 14:06:22 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C756 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 02:09:15 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 939E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 22:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 22:46:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 939E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 02:49:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 914F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 20:07:55 GMT
x-content-type-options
nosniff
age
456068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 914F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 18:59:49 GMT
x-content-type-options
nosniff
age
460154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 18:59:49 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C756
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 02:49:03 GMT
expires
Mon, 25 Apr 2022 02:49:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 02:49:03 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 939E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 22:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16408
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6368
x-xss-protection
0
server
cafe
etag
1861550861606854559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 May 2022 22:15:35 GMT
LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
pagead2.googlesyndication.com/bg/ Frame 1A0F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
Requested by
Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 15:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
39380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13636
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:52:43 GMT
LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
pagead2.googlesyndication.com/bg/ Frame 914F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 15:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
39380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13636
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:52:43 GMT
Logo_60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/ Frame 914F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/Logo_60.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b26e8bcdd7442516b0ecfd222b5d3aa07cd403ca3296ab0d7c370f5d169cc223
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
447109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3939
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:41:31 GMT
server
sffe
date
Tue, 19 Apr 2022 22:37:14 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Apr 2023 22:37:14 GMT
Pic.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/ Frame 914F 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/Pic.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aa83e67f0c14880e67162672e65fd6f96294e356e9b66b2640c8389819adc48
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
101371
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30351
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:41:31 GMT
server
sffe
date
Sat, 23 Apr 2022 22:39:32 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Apr 2023 22:39:32 GMT
truncated
/ Frame 939E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c670bdecc1d4d87d5c5a798b9eba31c2398983ea670a68b53f5d8efe6008023d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
146f832b0d61549196e55c869cdaaa00.gif
creative.mathads.com/0001/e8/ec/18/a3/ Frame B497 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative.mathads.com/0001/e8/ec/18/a3/146f832b0d61549196e55c869cdaaa00.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.34.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-34-137.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3a626a6b2c5768fa354fe4050a3b8c47dc615ac5ccc69cf430ebb05857f4b944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 02:49:05 GMT
Last-Modified
Fri, 18 Feb 2022 07:18:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
ETag
"79bad3e29c6329fcda1354ecdc769e7f"
Content-Type
image/gif
Cache-Control
private, max-age=31536000
Connection
keep-alive
Content-Length
146429
X-Amz-Cf-Id
3tfSm4VV0YbatCuPCSJSCdn_r4Avk_TUjAkrCj-6CrbEp4A5zq_Zsw==
ck-confirm
tags.mathtag.com/ Frame B497 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3974656599559326351&node_id=1834&exch_id=4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 02:49:04 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x100, zrh-bidder-x141
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 25 Apr 2022 02:49:03 GMT
img
pixel.mathtag.com/event/ Frame B497 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3974656599559326351&v3=1016661&v4=9587558&v5=10144340&mt_nsync=1&no_attr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-164.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master iad-pixel-x22 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 02:49:04 GMT
Server
MT3 4281 354de82 master iad-pixel-x22 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 02:49:03 GMT
img
tags.mathtag.com/event/ Frame B497 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3974656599559326351&st=9587558&time=1650854943&nodeid=1834
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 02:49:04 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x90, zrh-bidder-x141
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 25 Apr 2022 02:49:03 GMT
truncated
/ Frame B497 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a6ffb9f30936e824c0faa5d5a1553f5651e80cbc3fc0c4e46c987b6a4fb4a2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 939E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxvm9ohSw9VPHM5GyfUb2lXthXAFIreUkBgT_Y1GED86BezlHddhCIlUggJNf_17UPZ4OffzSaDn41FRz6FnzBX_JwTWaQlp3Ll42axX60EyFK8msxdg&sai=AMfl-YQit9o-OP_WMIMKuoCNxCE_bLVJuRa-rBb_ul4dpS6_GGtKSU-cqUkkwSC3V7Yy4ncYh6B21maCK9xL&sig=Cg0ArKJSzDum9yeOkjvtEAE&id=lidar2&mcvt=1001&p=0,1,124.25,1006&mtos=0,967,1001,1001,1001&tos=0,967,34,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650854942836&rpt=594&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 02:49:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/event/ Frame B497 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1370448&mt_adid=216764&mt_nsync=1&s1=3974656599559326351&v1=4&v2=2213984614&v3=ukr-mova.in.ua&v4=1016661&v5=9587558&v6=10144340&v7=https://creative.mathads.com/0001/e8/ec/18/a3/146f832b0d61549196e55c869cdaaa00.gif&v8=300x250&v9=null&v10=null&v11=&v12=Google%20Inc.&v13=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&v14=en-US&v15=Linux%20x86_64&v16=display_1.7&v17=CREATIVE_IMAGE_LOAD_SUCCESSFUL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-164.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master iad-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 02:49:05 GMT
Server
MT3 4335 2c68c00 master iad-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 02:49:04 GMT
ZaVnC4dhaV2J8yam9q0oeoUEQknx2kt-Qi51rnjncjQdvrkcAqXrV2WUr4GDbBE6hi3urQvYo08J86L5VoGCfuagXxJF4C-_1XPBmbXcu4qx1ul_a6ufJg==
endpoint1.collection.us2.sumologic.com/receiver/v1/http/ Frame B497 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://endpoint1.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV2J8yam9q0oeoUEQknx2kt-Qi51rnjncjQdvrkcAqXrV2WUr4GDbBE6hi3urQvYo08J86L5VoGCfuagXxJF4C-_1XPBmbXcu4qx1ul_a6ufJg==?s1=3974656599559326351&v1=4&v2=2213984614&v3=ukr-mova.in.ua&v4=1016661&v5=9587558&v6=10144340&v7=https://creative.mathads.com/0001/e8/ec/18/a3/146f832b0d61549196e55c869cdaaa00.gif&v8=300x250&v9=null&v10=null&v11=&v12=Google%20Inc.&v13=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&v14=en-US&v15=Linux%20x86_64&v16=display_1.7&v17=CREATIVE_IMAGE_LOAD_SUCCESSFUL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1255729373&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1650854941&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650854941561&bpp=2&bdt=666&idt=358&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=166259595107&frm=20&pv=1&ga_vid=909928275.1650854941&ga_sid=1650854942&ga_hid=1305260114&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067205%2C31065787%2C31066184%2C31062931&oid=2&pvsid=2378354532637211&pem=404&tmod=2104728&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=orJUQZzlJm&p=https%3A//ukr-mova.in.ua&dtd=363
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.185.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-185-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220420&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24d2745bfd554411beed28442d3bdf360f03c54913a0abbce94b7650bf60a842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 02:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10415
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua&bust=31067205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 02:49:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
14100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 22:54:06 GMT
expires
Mon, 24 Apr 2023 22:54:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9767 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fe77090db1dff0da6f90299aba812ccf98ada174eb65680e783c592a592bf67
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W2ikMcOAZj6qDFodZ1Nc+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ukr-mova.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-W2ikMcOAZj6qDFodZ1Nc+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 02:49:06 GMT
expires
Mon, 25 Apr 2022 02:49:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
pagead2.googlesyndication.com/bg/ Frame 52D8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 15:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
39383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13636
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:52:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B497 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0R9grxLgF17cJua6lfzw66CQWGGIBerlvaVwRqycmJzdh50PaeokExsJBTqR-orLYpUTTnD5SmozGegdogOkWJQ&sig=Cg0ArKJSzDHkQEgv31n6EAE&id=lidar2&mcvt=1014&p=0,0,250,300&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2712173870&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650854942541&rpt=2963&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 02:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9767 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220420&jk=2378354532637211&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 52D8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?o5ZTwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:49:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220420&jk=2378354532637211&bg=!goGlgcXNAAYXWUUuN1k7ACkAdvg8Wm8m_4O6X_NMn_R_V6FpTu2pIFKYeo5EEf9RrsS2jdOvKwOPMQIAAABSUgAAAAFoAQcKADQm5O8P2JsuKqQqJUkYH3NpzRgwHgZQK-VlUOi_TVHGOZntjs6Umg9dO0mebBwJG0dgHTsHmQKbkXyHkVYDstw92YCykCJrZ7k0lj0YbaTNQeBA4j0cOIWqTYZE-Wk0ZyV29ydliKVMZYNixlPKootOpNCDttpxYDag_u3iuZbCNmOLb5gPZPvNlnc1ZcY_mZmNPOtP2z1Jdbuq9NV64-VQha-JCvc4pObzk-r_MwmB3EoT4Da0mlbkmQHQ3mKr1r4ssZY-U2z1PtNhK1XxWC52h0c_xTh2r23jMpyImWkhsY39fWFc3Oyby00IuHXi7Z_VhU3MW_R-6iYiTgrI06S7PuewYL70CgEO7ZVFb2ArzRCdJ94QnG0tJLWkeW05nRBoKKYLrvN1tI3c3GLVfz9Qiqyca9qe3OA3DEXgi68jR_iw0IRKAMwTGYxbeET5-ZyuGjU5R6WjJ_Mh_gTpGTtIAJLT-PQBUd0ZTvMdbKhHMetF4Hiolb558ma9SQQq1OnBWYdBsG7V60U4CBsXVRmIJPAXxGTAhZpxrz92O2nj98sr8EBowDa-rQQrXa2KkMsuKZkdwEzIz0GllqLcpvHFN4JQs9QtdComAE1fvORMcCup1V-wjowOeX6K5ZRkJ7gaYyvUQjAK9deqGCPVpuwv2nrp4Zzbg93HGriuaOwIzJMOBic44eL9vfMHAedpQ9SzcuNuxR4-6F91jqQ38Sq724jg0yw8A34p0v8maPQDkHRz53M8cz6QNqnAP5rt1-SzY4au35k1FWdYRmOPpxlghDcy2pOjHdrJZhDNv7LT6xQSx9xpghFvGXKvcdHOHPqKMdqDG0pK1SkANXm2K4t3_KD9KaX7FhoN4RhAvBM86HVgJa2dHxEZeX6GXM1_M-PNA7YzMnvMQZvPbwZpdVhfe1YzHDIJOxLmWoKhZgw_wWahHQAXgT8B25sfEZrmcBRzQw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ukr-mova.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ukr-mova.in.ua
URL
https://ukr-mova.in.ua/esp-service-worker.js

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| fbAsyncInit function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data object| gaGlobal function| badSubscriptionInfo function| subscribToPushSquads function| tryToSubscribeUserToPushListOnLoad object| PianoESPConfig string| mod_pagespeed_WAmtTx0khS string| mod_pagespeed_q91__67YFU object| show_picters function| fb_share function| go_content object| jQuery110206038644025995275 function| WOW object| AjaxForm object| FB object| gapi object| ___jsl object| PianoESP object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| onYouTubeIframeAPIReady function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| iFrameResize object| StateMachine object| google_llp object| googletag object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
ukr-mova.in.ua/ Name: PHPSESSID
Value: 1d4672fc77373985cf623cfd12e07a95
.ukr-mova.in.ua/ Name: _ga_RGJRK45Q0D
Value: GS1.1.1650854941.1.0.1650854941.0
.ukr-mova.in.ua/ Name: _ga
Value: GA1.1.909928275.1650854941
.ukr-mova.in.ua/ Name: __gads
Value: ID=ac668ac0f4224573-2298e77d81cd001f:T=1650854942:RT=1650854942:S=ALNI_MZFcSk0nwme8UbzuIlWufCDkJCbFQ
ukr-mova.in.ua/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1650854942209%2C%22visitNumber%22%3A1%7D
ukr-mova.in.ua/ Name: pnespsdk_visitor
Value: 10z1vc52hsrj6mj1
.piano.io/ Name: __cf_bm
Value: vX0GqXYd8KmnvL4l0q3tbN16FgDHuiLZUUrLkhx99yE-1650854942-0-AQQSzZ/roiGuNkD0xMeqDAldUhfs+jWbZbfD5OpwCBkCzYYJ5dqR0krDvyIoBKYQwpPglVS8VbuAlg0mixFRmD8=
.doubleclick.net/ Name: IDE
Value: AHWqTUnp4pYBvjJOiOHs0CjKADLE2vW-dUNYgriR5tyjZa8nIX7qJtBcghPwfyGJzsU
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mathtag.com/ Name: uuid
Value: 5b486266-0c1f-4601-b50f-ddf40af3f4e2
endpoint1.collection.us2.sumologic.com/ Name: AWSALBTGCORS
Value: Dkz4CrYfEv5RqBfSN3RobuyCUvd0Uu8MpoYzQrBS90YaUc7O9XcJV1TbkdGHYiUFU8aNDeqqGHarHAKHmt0a+LkG7lg4VYg6yjBjr6FrydTct4wRB5Idi4RkwIz7Zc7b93vktaQZhKDReOKOVQ0ck1T+uvitSWfr7CS0FsAapXKj0e7xPxk=
endpoint1.collection.us2.sumologic.com/ Name: AWSALBCORS
Value: zimmbw289DcNJsfMQavZez31xoQ0yDSCEqbbjcRIaDNUYK1SqJRXe08ZsscmyeqxRWrJ+I4FfHO3RnuoDAu4h8dho/jBcHoq384IbNhOFR5DWhsmuwMbP7jeWruh

2 Console Messages

Source Level URL
Text
other error URL: https://ukr-mova.in.ua/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164522328222739941/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
code.jquery.com
connect.facebook.net
creative.mathads.com
endpoint1.collection.us2.sumologic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
sandbox-api-esp.piano.io
tags.mathtag.com
tpc.googlesyndication.com
ukr-mova.in.ua
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ukr-mova.in.ua
104.79.88.164
104.89.34.137
142.250.186.98
2001:4de0:ac18::1:a:3b
2606:4700::6810:f015
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:7a60:0:1054::1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
50.112.185.104
74.121.143.246
00b5ad225f6bd985e1acb1b8c2ea9a744fb620f4224fb87ebffac757410fc906
025d6947e5924707bf0315200f65bd967680ba42e5c8e6b6948fa9405ccdf9d8
0c3b4742a2f051d5b4563017922c6a5a812a94176b935ec0ef0e7692310b6561
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11237bed4d1fa875bf345142d50731137039190b47aa457efd5c6c0aeec93755
1459c29601d31798b7519040a50131c08ba3007878122d29a5e31f837b18ddbd
1492f13f86dec17d82703c69f04876ac6d2eb57f331b8319076590cef2d6a4ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a9fc41a0e356987fe32c9ada7bd7fcd26b21436d18e94229d1b58f4cef50a7
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1a642d998a7bb9a6451c45ec09b036fd3e9a9503a50543aff9d662abe3ef98ca
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1b681067e28c7823df51f9f1afad004cb35e775edbdb22107c377b906be2f4be
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
24d2745bfd554411beed28442d3bdf360f03c54913a0abbce94b7650bf60a842
2552963914ffec13595289b4eb7bee5c0a3fe2a4298127cded4d57bf682a662b
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7
313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95
323e72bcc317bd42257844c45b1631b698ee06f75eed96b1bd6538ad10fb2052
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3689421e993aea1007960cc2db7beb59591ffaebdc34d4916b908675addeb811
3a626a6b2c5768fa354fe4050a3b8c47dc615ac5ccc69cf430ebb05857f4b944
4316374da7da18b5620be605ae73b43253c1196e689141746534af0da88518a7
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
48dfcc3cce75fd4f8bf1a8e1aa9ff7f631ca0fc35a77f2d5026f3fdf2f760a30
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fe77090db1dff0da6f90299aba812ccf98ada174eb65680e783c592a592bf67
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5ff4df129472ce117df4b51bb3cd58f6ea514d85a63ff77a5df4c5d20ce5cd2b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c1857dee37b756c49089ed0d15e32fbd1bae2cf3d581fc924ff695dc206e0d
65f64c32be0b31cf5b3e60f6fe16fe0545e49375c5486490d10da3be8c823184
6711165e438cedf58d04ad0be1d48980ff8c9448ad06b5d83bfd846ec76ce170
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
6a6ffb9f30936e824c0faa5d5a1553f5651e80cbc3fc0c4e46c987b6a4fb4a2f
6aa83e67f0c14880e67162672e65fd6f96294e356e9b66b2640c8389819adc48
76e8afd1a54e3c4a9a0e604b4766afe94381eb62ad8bff5b3c641e7a970f0e66
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
86e24cb22f7ce0940b84b04185ddbfe4506424a1bd19dd2f58b4029d9ba8aeb2
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b0fb7588bdef04f78ab7ed5959a3d9526b3691620dd492a4fea7f2861654533
90532202ccd82df3cbc1db9c4aa50fd85dc2bc50dcbe39f37c36da16889d3009
913421becbc0c9c5d278ee24c9d48ecbd948cb6eef2874988f1c88c6d324d25e
94dc26972578717e2b66d6e19d4384d3a202ac8f638f5c4f6c795ce2219049c4
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99029fb71cd6a48830667e3e71970eb8b2883c39e9ea26cfa70a9e078b280467
9d0168ef42e178587bc4af8236e9f3ce756cf700dcce08bc459bb3cfd6489045
9fdc13189ace49bfcaf1cedffaec9e88aba48b26210730af49cd1893f270ac98
a21f2c87fdaa803b3f6b750d7131ead9732d9214d1c555b873dfd5ff02d2001d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1df2941e49923168f86f26e3ba47c061c0ce5786e72fe03a00101a9bc0ab2bf
b26e8bcdd7442516b0ecfd222b5d3aa07cd403ca3296ab0d7c370f5d169cc223
b5382ca374b2090d0e344a7c5892d215a6197e71d716a3ca09ba7edb963bbf68
b5e5c5a378ee4fa9b338c69434dc4b624749b170c0a09bbe8d8c1d14e2391335
c670bdecc1d4d87d5c5a798b9eba31c2398983ea670a68b53f5d8efe6008023d
c7e8e00881d1c861282dfedc25dab47cb9140df10ad6221367451780907e47fb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dbe774dc02289295b99fc13974fd4febec3f447337f31005d7c93e1007670e8a
dc3f2293f6503ff6ee63c2a69421d235a0f7881a80d89dd407ec2f15eda63fdd
dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d
e1ce972cb576495c09bc78eacc9a3d2f21b0e55d4dfb57f96af268abaa712c92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
eb31684779b0b969105603eceb28d7d539412520757a21587d17a5c6518249a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f519743889272b88c22b31f23f37f75b7789672564d94fb527b0fdf36a8225db
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
faf82bdf4232c3b4b2e84f909652553508b656cd578b2160415e6bd8afbe7bbb